Create Branch Protections
Follow the GitHub instructions for creating an app.
It should have at least the following permissions:
- Actions Access: Read-only
- Contents Access: Read and write
- Metadata Access: Read-only (selected by default)
Open your new GitHub App.
Scroll down to the Private keys section and click the “Generate a private key” button
This will automatically download a .pem file with your new private key to your computer.
Scroll back up and click on Install App and install your GitHub App in your repository.
Open your new GitHub App and copy your “App ID” from your GitHub App
Open your GitHub repository and click Settings > Secrets and variables > Actions
Click the “Variables” tab and click the “New repository variable” button
Enter “APP_ID” in the Name field and paste your App Id from above into the Value field. Click the “Add variable” button to save the variable.
Click the Secrets tab and click the New repository secret button.
Enter “PRIVATE_KEY” in the Name field. Copy the contents from the .pem file that was downloaded to your computer and paste it in the Secret field. Click the “Add secret” button.
Open GitHub and click on Settings > Branches
Click the “Add branch ruleset” button
Name the rule and click the “Disabled” button and then click “Active”
Add your new GitHub Action as a bypass for the rule
Leave the bypass as “Always allow”
Click the “Add target” button and then click “include by pattern”
Enter “gh-pages” into the Branch naming pattern field and click the “Add Inclusion pattern” button
Leave the default Branch rules selected and click Require a pull request before merging
Set the options that you would like for pull request requirement
Click the “Create” button to save the ruleset