In GitHub, you can set branch protection rules in two ways:
Using the new Rulesets feature
Using the classic Branch Protection Rules interface
To configure these, you’ll first need to identify your environment’s Git branch, which is displayed in the Version Control section of the Environment Settings page in Salto’s UI.
Branch Ruleset Setup Instructions
Navigate to the Settings tab of your GitHub repository and select the Rulesets section from the left-hand menu and click on 'New branch ruleset.
Provide a ruleset name and make sure to activate it
Ensure that the shared Git credentials for your environment have permission to push. For example, if these credentials have repository admin permissions, add a bypass for repository admins.
In the Target Branches section, click on the Include by Pattern option and enter your environment’s branch name.
For the remainder of the page, complete the fields according to your organization’s policies, for example:
Ensure the following settings:Enable Squash and Merge
Do not enable Signed Commits.
Once finished, click the Create button at the bottom of the page.
Classic Branch Protection Rules Setup Instructions
When you navigate to the Settings tab of your GitHub repository and select the Branches section from the left-hand menu, you might notice the following callout:
Click on 'Add classic branch protection rule'
If you already have classic branch protection rules configured for this repository, click on 'Add rule'
Type your environment's branch name under "Branch name pattern"
Ensure that organization or repository administrators have permission to push
For the remainder of the page, complete this according to your organization's policies.
Additional Setup
Code Owners
To enable GitHub’s Code Owners feature and automatically assign pull request reviews based on file ownership, add a CODEOWNERS file to your branches via Salto. Refer to the instructions here to update your environment branch.
Learn more about the code owners feature in GitHub’s Code Owners documentation.