A ruleset is a named list of rules that applies to a repository. You can have up to 75 rulesets per repository. In this project specifically, we care about the rulesets that are applied to the default (stable) branch of a repository (most likely main or master).
You should absolutely enable rulesets on your default branch when using this Action. It can help protect your default branch from accidental or even malicious changes.
This project will actually warn you in the logs if you are missing or have misconfigured certain rulesets. The "warnings" section of this document will help you understand how to fix these warnings and enable robust rulesets to protect your repository.
If you have a good reason not to use any of these rulesets and you want to disable the loud warnings in the logs, set the use_security_warnings input option to false. This will disable all warnings in the logs.
Example:
- uses: github/branch-deploy@vX.X.X
  id: branch-deploy
  with:
    use_security_warnings: false # <-- this will disable all warnings in the logs related to branch rulesets
Solution: Enable the Block force pushes rule
Solution: Enable the Restrict deletions rule
Solution: Enable the Require branches to be up to date before merging rule
Solution: Enable the Require a pull request before merging rule
Solution: Enable the Dismiss stale pull request approvals when new commits are pushed rule
Solution: Enable the Require review from Code Owners rule
Solution: Ensure that the Required approvals setting is not 0
Solution: Enable the Require deployments to succeed rule
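The solutions above can be checked offline against the rule list that GitHub's REST API returns for a branch (GET /repos/{owner}/{repo}/rules/branches/{branch}). The following is an added example, not code from this project: the function name auditBranchRules and the sample rule list are constructed for illustration, and the rule type and parameter names are those of that API response.

```javascript
// Added example (not the Action's own code). Each entry maps one ruleset
// rule type, plus an optional parameter check, to a solution from this page.
const CHECKS = [
  ["non_fast_forward", null, "Enable the Block force pushes rule"],
  ["deletion", null, "Enable the Restrict deletions rule"],
  ["required_status_checks", (p) => p.strict_required_status_checks_policy === true,
    "Enable the Require branches to be up to date before merging rule"],
  ["pull_request", null, "Enable the Require a pull request before merging rule"],
  ["pull_request", (p) => p.dismiss_stale_reviews_on_push === true,
    "Enable the Dismiss stale pull request approvals when new commits are pushed rule"],
  ["pull_request", (p) => p.require_code_owner_review === true,
    "Enable the Require review from Code Owners rule"],
  ["pull_request", (p) => Number(p.required_approving_review_count) > 0,
    "Ensure that the Required approvals setting is not 0"],
  ["required_deployments", null, "Enable the Require deployments to succeed rule"],
];

// rules: the array of active rules for the default branch.
// Returns the solutions that still need to be applied, in page order.
function auditBranchRules(rules) {
  const findings = [];
  for (const [type, paramOk, solution] of CHECKS) {
    // Several rulesets can target the same branch; a check passes as soon
    // as any active rule of that type satisfies it.
    const ok = rules.some(
      (r) => r.type === type && (paramOk === null || paramOk(r.parameters || {}))
    );
    if (!ok) findings.push(solution);
  }
  return findings;
}

// Constructed sample: no deletion rule, no required deployments, and a
// pull_request rule with zero approvals and no Code Owner review.
const SAMPLE_RULES = [
  { type: "non_fast_forward" },
  { type: "required_status_checks",
    parameters: { strict_required_status_checks_policy: true } },
  { type: "pull_request",
    parameters: { dismiss_stale_reviews_on_push: true,
                  require_code_owner_review: false,
                  required_approving_review_count: 0 } },
];

for (const f of auditBranchRules(SAMPLE_RULES)) console.log("Solution: " + f);
```
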