Branch Filter for Environment Protection Rules #27117
-
The recently announced environment protection rules and environment secrets feature is interesting. However, one big capability it is missing is the ability to specify a branch filter as an environment protection rule. Example: Specify workflows triggered from main branch are the only ones to access certain environment secrets. This way it can be combined with existing branch protection rules to only deploy code that’s been reviewed and merged to a specific branch like main. The GitHub BlogGitHub Actions: Environments, environment protection rules and environment...GitHub Actions: Environments, environment protection rules and environment secrets (beta) |
Beta Was this translation helpful? Give feedback.
Replies: 7 comments
-
Yes this is one of the items we want to add before we exist the beta. |
Beta Was this translation helpful? Give feedback.
-
@chrispat Are there any plans of rolling this out to private repos of paid plans other than Enterprise? |
Beta Was this translation helpful? Give feedback.
-
@chrispat I have the same question: are Environments (including protection rules, required reviewers and env secrets) going to be available for private repos in other paid plans besides Enterprise level? Our org is on the Github Team plan and we would really like to take advantage of these features. We’re trying to show that we can migrate from Jenkins to GitHub Actions completely. Thanks! |
Beta Was this translation helpful? Give feedback.
-
Is there any way to make branch filter rules apply to tags? |
Beta Was this translation helpful? Give feedback.
-
Given GitHub does not have a concept of protected tags we decided to only include branches in the matching for Environments. If protected tags come in the figure we will likely update the environment rules. |
Beta Was this translation helpful? Give feedback.
-
While I get that, given that builds can be kicked off by a push to a tag (and a release), it would be REALLY helpful to be able to apply to tags so that you can control what tags are allowed to kick off certain builds–regardless of a tags “protected” status. |
Beta Was this translation helpful? Give feedback.
-
I wanted to point that GitHub has released this functionality in case anybody missed it or ends up here later. The GitHub BlogGitHub Actions: Limit which branches can deploy to an environment | GitHub...GitHub Actions: Limit which branches can deploy to an environment |
Beta Was this translation helpful? Give feedback.
I wanted to point that GitHub has released this functionality in case anybody missed it or ends up here later.
The GitHub BlogGitHub Actions: Limit which branches can deploy to an environment | GitHub...
GitHub Actions: Limit which branches can deploy to an environment