Protect code branches. In the GitHub settings under “Branch protection rules”, select:
| https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging |
| https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging |
GitHub Actions is the preferred CI platform for implementing checks. Create a test pipeline and consider required checks for:
| https://github.com/apps/dco |
| Example - ReadTheDocs webhook: |
| Example - CodeQL: |
| Example - Snyk: https://docs.snyk.io/integrations/git-repository-scm-integrations/github-integration |
| Dependabot: |
| https://docs.github.com/en/actions/using-workflows/reusing-workflows |
Use GitHub Actions efficiently and reduce unnecessary runner usage:
| https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-concurrency-to-cancel-any-in-progress-job-or-run |
| https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging |
| https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet |
| https://code.visualstudio.com/docs/devcontainers/containers |
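A workflow sketch combining the concurrency and path-filter settings linked above; this is an added example, not taken from the original page. The file name, the `main` branch, the `docs/` path and the `make test` command are assumptions.

```yaml
# .github/workflows/test.yml (hypothetical file name)
name: tests

on:
  pull_request:
    branches: [main]            # assumed default branch
    # Skip runs for documentation-only changes. If a job from this workflow
    # is configured as a required status check, a run skipped by path
    # filtering leaves that check "Pending" and the pull request cannot be
    # merged, so only filter workflows whose checks are not required.
    paths-ignore:
      - 'docs/**'               # assumed documentation directory
      - '**.md'

# One active run per workflow and ref: a new push to the same pull request
# cancels the run that is still in progress instead of queueing behind it.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  unit-tests:
    runs-on: ubuntu-latest
    timeout-minutes: 15         # stop hung jobs from holding a runner
    steps:
      - uses: actions/checkout@v4
      - name: Run tests
        run: make test          # assumed test command
```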
Where appropriate, implement pre-commit rules (Stephen Curran can you clarify?) - Peter: I've added an item above for what I think this means. (If it's not a match, we can add more/different items of course)
Encourage developers to run tests locally before opening a pull request.