Improve "Protect version branches" ruleset#529
Merged
llucax merged 9 commits intofrequenz-floss:v0.x.xfrom Mar 4, 2026
Merged
Conversation
Copilot review now uses scarse premium requests, and this will be taken from the person creating the PR without them having a saying on how their premium requests are used, so we change to manual review requests. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
It seems like GitHub changed this ID. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
Code owners are good to request automatic review, but in practice it prevented some people with write access to approve PRs, which can be annoying. This is also necessary for the auto-dependabot and repo-config-migrate workflows to be able to approve and merge PRs automatically. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
We want to make sure that merges are blocked if the repo config migration failed/requires manual intervention. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
It is OK for the migration script to be long. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
Add a migration step that updates the "Protect version branches" GitHub ruleset from migrate.py. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
Copy the reusable GitHub ruleset helper functions to the migration script template so future migration steps can query and update rulesets without duplicating API plumbing. Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
shsms
approved these changes
Mar 4, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR updates the Protect version branches ruleset policy: disables mandatory code-owner review, removes automatic Copilot review, and requires the Migrate Repo Config status check (plus other minor maintainance changes).
It also adds a migration step that detects/applies those ruleset updates. It also introduces reusable GitHub ruleset API helpers in the migration template so future ruleset migrations can be implemented consistently without duplicating low-level gh api plumbing.
Fixes #470 and #471.