Ops: Added exported GitHub rulesets for tags and branches (closes #70) (

#71)

* Ops: Added exported GitHub rulesets for tags and branches (closes #70)

* Fixed dead link with Vale on VSCode extensions website

* [MegaLinter] Apply linters fixes

* Fixed formatting with Prettier

* [MegaLinter] Apply linters fixes

---------

Co-authored-by: andrewvaughan <[email protected]>

.config/linters/vale/README.md

@@ -22,5 +22,5 @@ make dev-dependencies
 
 <!-- Link repository -->
 
-[vale-extension]: https://marketplace.visualstudio.com/items?itemName=errata-ai.vale-server
+[vale-extension]: https://marketplace.visualstudio.com/items?itemName=ChrisChinchilla.vale-vscode
 [vale-install]: https://vale.sh/docs/vale-cli/installation/

.github/.config/rulesets/Branch Common Rules.json

@@ -0,0 +1,37 @@
+{
+  "id": 124535,
+  "name": "Branch Common Rules",
+  "target": "branch",
+  "source_type": "Repository",
+  "source": "andrewvaughan/template-core",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["~ALL"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "required_linear_history"
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": 2,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    },
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}

.github/.config/rulesets/Branch Environment Rules.json

@@ -0,0 +1,65 @@
+{
+  "id": 124539,
+  "name": "Branch Environment Rules",
+  "target": "branch",
+  "source_type": "Repository",
+  "source": "andrewvaughan/template-core",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["~DEFAULT_BRANCH", "refs/heads/production", "refs/heads/staging"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    },
+    {
+      "type": "pull_request",
+      "parameters": {
+        "required_approving_review_count": 1,
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_review": true,
+        "require_last_push_approval": true,
+        "required_review_thread_resolution": true
+      }
+    },
+    {
+      "type": "required_linear_history"
+    },
+    {
+      "type": "required_status_checks",
+      "parameters": {
+        "strict_required_status_checks_policy": true,
+        "required_status_checks": [
+          {
+            "context": "MegaLinter",
+            "integration_id": 15368
+          }
+        ]
+      }
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": 2,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    },
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}

.github/.config/rulesets/Branch Release Patterns.json

@@ -0,0 +1,60 @@
+{
+  "id": 124536,
+  "name": "Branch Release Patterns",
+  "target": "branch",
+  "source_type": "Repository",
+  "source": "andrewvaughan/template-core",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["refs/heads/release/*", "refs/heads/release/**/*"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    },
+    {
+      "type": "required_linear_history"
+    },
+    {
+      "type": "pull_request",
+      "parameters": {
+        "required_approving_review_count": 1,
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_review": true,
+        "require_last_push_approval": true,
+        "required_review_thread_resolution": true
+      }
+    },
+    {
+      "type": "required_status_checks",
+      "parameters": {
+        "strict_required_status_checks_policy": true,
+        "required_status_checks": [
+          {
+            "context": "MegaLinter",
+            "integration_id": 15368
+          }
+        ]
+      }
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}

.github/.config/rulesets/Tag Common Rules.json

@@ -0,0 +1,43 @@
+{
+  "id": 124530,
+  "name": "Tag Common Rules",
+  "target": "tag",
+  "source_type": "Repository",
+  "source": "andrewvaughan/template-core",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["~ALL"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    },
+    {
+      "type": "required_linear_history"
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": 2,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    },
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}

.github/.config/rulesets/Tag Release Patterns.json

@@ -0,0 +1,38 @@
+{
+  "id": 124534,
+  "name": "Tag Release Patterns",
+  "target": "tag",
+  "source_type": "Repository",
+  "source": "andrewvaughan/template-core",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["refs/tags/v*"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    },
+    {
+      "type": "required_linear_history"
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}

_TEMPLATE_CHECKLIST.md

@@ -81,90 +81,14 @@ Visit the [General Settings][gh-settings] page for the Repository.
 
 Visit the [Rulesets][gh-rulesets] page for the Repository.
 
-- [ ] From the dropdown, select `New tag ruleset` with the following configuration:
-
-  - **Ruleset Name:** `Restrict Tag Creation`
-  - **Enforcement Status:** `Active`
-  - Click `+ Add bypass`
-    - **CHECK** `Repository Admin`
-    - **CHECK** `Maintain`
-  - Click `+ Add target`
-    - Select `Include all tags`
-  - Under **Tag protections**:
-    - **CHECK** `Restrict creations`
-
-- [ ] From the dropdown, select `New tag ruleset` with the following configuration:
-
-  - **Ruleset Name:** `Restrict Release Tags`
-  - **Enforcement Status:** `Active`
-  - Click `+ Add bypass`
-    - **CHECK** `Repository Admin`
-  - Click `+ Add target`
-    - Select `Include by pattern`
-      - **Naming Pattern:** `v*`
-  - Under **Tag protections**:
-    - **CHECK** `Restrict creations`
-    - **CHECK** `Restrict updates`
-    - **CHECK** `Require status checks to pass before merging`
-      - **CHECK** `Require branches to be up to date before merging`
-
-- [ ] Click `New branch ruleset` with the following configuration:
-
-  - **Ruleset Name:** `Restrict Branch Creation`
-  - **Enforcement Status:** `Active`
-  - Click `+ Add bypass`
-    - **CHECK** `Repository Admin`
-    - **CHECK** `Maintain`
-  - Click `+ Add target`
-    - Select `Include all branches`
-  - Under **Branch protections**:
-    - **CHECK** `Restrict creations`
-
-- [ ] Click `New branch ruleset` with the following configuration:
-
-  - **Ruleset Name:** `Environment Branch Protections`
-  - **Enforcement Status:** `Active`
-  - Click `+ Add bypass`
-    - **CHECK** `Repository Admin`
-    - **CHECK** `Maintain`
-  - Click `+ Add target`
-    - Select `Include default branch`
-  - Click `+ Add target`
-    - Select `Include by pattern`
-      - **Naming Pattern:** `staging`
-  - Click `+ Add target`
-    - Select `Include by pattern`
-      - **Naming Pattern:** `production`
-  - Under **Branch protections**:
-    - **CHECK** `Restrict creations`
-    - **CHECK** `Restrict updates`
-    - **CHECK** `Require a pull request before merging`
-      - Required approvals set to `1`
-      - **CHECK** `Dismiss stale pull request approvals when new commits are pushed`
-      - **CHECK** `Require review from Code Owners`
-      - **CHECK** `Require approval of the most recent reviewable push`
-      - **CHECK** `Require conversation resolution before merging`
-    - **CHECK** `Require status checks to pass before merging`
-      - **CHECK** `Require branches to be up to date before merging`
-      - Add **`MegaLinter`** and click the `+` button
-
-- [ ] From the dropdown, select `New branch ruleset` with the following configuration:
-
-  - **Ruleset Name:** `Restrict Release Branches`
-  - **Enforcement Status:** `Active`
-  - Click `+ Add bypass`
-    - **CHECK** `Repository Admin`
-  - Click `+ Add target`
-    - Select `Include by pattern`
-      - **Naming Pattern:** `release/*`
-    - Select `Include by pattern`
-      - **Naming Pattern:** `release/**/*`
-  - Under **Branch protections**:
-    - **CHECK** `Restrict creations`
-    - **CHECK** `Restrict updates`
-    - **CHECK** `Require status checks to pass before merging`
-      - **CHECK** `Require branches to be up to date before merging`
-      - Add **`MegaLinter`** and click the `+` button
+In the project, visit the [`.github/.config/rulesets`](.github/.config/rulesets) and import each of the GitHub Rulesets
+in the directory into the project:
+
+- [ ] Branch Common Rules
+- [ ] Branch Environment Rules
+- [ ] Branch Release Patterns
+- [ ] Tag Common Rules
+- [ ] Tag Release Patterns
 
 ### Labels