forked from andrewthetechie/gha-repo-manager
-
Notifications
You must be signed in to change notification settings - Fork 0
/
settings.yml
188 lines (164 loc) · 8.4 KB
/
settings.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
# settings.yml can live in two places:
# 1. in the repo itself
# 2. in a centralized repo
# The Action is able to apply settings to any repo that its token can manage
# You can run Action from each repo, acting on that repo's settings.yml, or
# from a central repo, using a single settings.yml to control many repos.
# Which method you choose is up to you. See README.md for more info and example
# Workflows to implement these strategies.
settings:
# See https://docs.github.com/en/rest/reference/repos#update-a-repository for all available settings.
# any of these settings can be ommitted to just leave the repo's current setting
# If a setting has a value in settings.yml, it will always overwrite what exists in the repo.
# A short description of the repository that will show up on GitHub. Set to an empty string to clear.
description: description of repo
# A URL with more information about the repository. Set to an empty string to clear.
homepage: https://example.github.io/
# A list of strings to apply as topics on the repo. Set to an empty string to clear topics. Omit or set to null to leave what repo already has
topics:
- gha
- foo
- bar
# Either `true` to make the repository private, or `false` to make it public.
private: false
# Either `true` to enable issues for this repository, `false` to disable them.
has_issues: true
# Either `true` to enable projects for this repository, or `false` to disable them.
# If projects are disabled for the organization, passing `true` will cause an API error.
has_projects: true
# Either `true` to enable the wiki for this repository, `false` to disable it.
has_wiki: true
# Either `true` to enable downloads for this repository, `false` to disable them.
has_downloads: true
# Set the default branch for this repository.
default_branch: main
# Either `true` to allow squash-merging pull requests, or `false` to prevent
# squash-merging.
allow_squash_merge: true
# Either `true` to allow merging pull requests with a merge commit, or `false`
# to prevent merging pull requests with merge commits.
allow_merge_commit: true
# Either `true` to allow rebase-merging pull requests, or `false` to prevent
# rebase-merging.
allow_rebase_merge: true
# Either `true` to enable automatic deletion of branches on merge, or `false` to disable
delete_branch_on_merge: true
# Either `true` to enable automated security fixes, or `false` to disable
# automated security fixes.
enable_automated_security_fixes: true
# Either `true` to enable vulnerability alerts, or `false` to disable
# vulnerability alerts.
enable_vulnerability_alerts: true
# Labels: define labels for Issues and Pull Requests
labels:
- name: bug
color: CC0000
description: An issue with the system.
- name: feature
# If including a `#`, make sure to wrap it with quotes!
color: "#336699"
description: New functionality.
- name: Help Wanted
# Provide a new name to rename an existing label. A rename that results in a 'not found' will not fail a run
new_name: first-timers-only
- name: Old Label
# set exists: false to delete a label. A delete that results in a "not found" will not fail a run
exists: false
branch_protections:
# branch protection can only be created for branches that exist.
- name: main
# https://docs.github.com/en/rest/reference/repos#update-branch-protection
# Branch Protection settings. Leave a value out to leave set at current repo settings
protection:
# Require at least one approving review on a pull request, before merging. Set to null to disable.
pr_options:
# The number of approvals required. (1-6)
required_approving_review_count: 1
# Dismiss approved reviews automatically when a new commit is pushed.
dismiss_stale_reviews: true
# Blocks merge until code owners have reviewed.
require_code_owner_reviews: true
# Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.
# dismissal_restrictions:
# users: []
# teams: []
# Require status checks to pass before merging. Set to null to disable
# required_status_checks:
# # Require branches to be up to date before merging.
# strict: true
# # The list of status checks to require in order to merge into this branch
# checks:
# - lint
# - test
# - docker
# Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.
enforce_admins: true
# Prevent merge commits from being pushed to matching branches
require_linear_history: true
# Permit force pushes for all users with push access.
allow_force_pushes: true
# Allow users with push access to delete matching branches.
allow_deletions: true
# If set to true, the restrictions branch protection settings which limits who can push will also block pushes which create new branches, unless the push is initiated by a user, team, or app which has the ability to push. Set to true to restrict new branch creation.
block_creations: true
# Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable.
restrictions:
users: []
teams: []
- name: dev
# will clear any branch protection on the dev branch, IF the dev branch exists. If you setup protection for a non-existant branch, this action cannot delete it
exists: False
# if the repo has a third branch named test with branch protections setup, by not adding a protection with name: test, this config will not change
# those existing protections.
- name: test
exists: True
secrets:
# Manage secrets in your repo. Useful to manage secrets from a central repo for non organizations or to manage secrets org wide
- key: SECRET_KEY
# pull the value from an environment variable. If this variable is not found in the env, throw an error and fail the run
# Set env vars on the github action job from secrets in your repo to sync screts across repos
env: SECRET_VALUE
# Set a dependabot secret on the repo
- key: SECRET_KEY
env: SECRET_VALUE
type: dependabot
- key: ANOTHER_SECRET
# set a value directly in your yaml, probably not a good idea for things that are actually a secret
value: bar
- key: THIRD_SECRET
# pull the value from an environment variable
env: THIRD_VALUE
# setting a value as not required allows you to not pass in an env var. if THIRD_VALUE is not set in the env, this secret won't be set but no error will be thrown
required: false
- key: DELETED_SECRET
# setting exists to false will delete a secret. A delete that results in "not found" won't fail a run, so you can use this to make sure a secret is always deleted
exists: false
# Can copy files from your local context to the repo.
# Manipulate files in the target repo
# * move files around
# * delete files
# Changes are automatically commited and pushed to a target branch (default is default branch)
# File operations are applied sequentially
files:
# copy templates/actions/my_workflow.yml to .github/workflows/my_workflow.yml in your target repo
# and commit it with the default commit message and to your repo's default branch.
# default commit message is "repo_manager file commit"
- src_file: templates/actions/my_workflow.yml
dest_file: .github/workflows/my_workflow.yml
- src_file: templates/issues/issue_template.md
dest_file: .github/ISSUE_TEMPLATE/issue.md
commit_msg: update issue template
# Update this file in the dev branch. If the dev branch doesn't exist, this will fail the workflow
- src_file: templates/dev/dev.md
dest_file: dev.md
target_branch: dev
# This moves README.md to README.rst in the remote. If README.md doesn't exist, the workflow will not fail and will emit a warning.
- src_file: remote://README.md
dest_file: README.rst
move: true
commit_msg: "move readme"
# This removes OLDDOC.md in the dev branch. If OLDDOC.md doesn't exist, the workflow will emit a warning
- dest_file: OLDDOC.md
exists: false
branch: dev
commit_msg: "remove OLDDOC.md from dev"