There isn’t a specific guide to accomplish this exactly as you’ve described, but I’ll share some resources that might help you get on your way of implementing a more secure workflow around code changes.
One approach that you can take is setting
master to be a protected branch. Protected branches ensure that collaborators on your repository cannot make irrevocable changes to branches. Enabling protected branches also allows you to enable other optional checks and requirements, like required status checks and required reviews.
Once setup, you can also leverage our code owners feature: you can use a CODEOWNERS file to define individuals or teams that are responsible for code in a repository. In the example you’ve presented, you can create a CODEOWNERS file that sets some team to “own” the
/qa folder and any of its contents and have one particular person “own” the
Here are some additional guides that aid in this process:
Does this help with what you’re looking for?