Create branch protection rules at an organization level

I’m looking to see if there is a way to apply a default branch protection rule on master that is provided to all newly created repos. So let’s say my organiztion is 

Jason

which has the repos

Jason/eatsLunch

Jason/eatsDinner

Jason/sleepsLate

Is there a way to make a default protection for master that applies to any new repos I create, like

Jason/doesTheDishes

Jason/doesLaundry

so that a rule would be created for master branch that requires an approved PR to commit to master and that approvals are automatically dismissed if a new upload to the branch becomes available, etc. Right now, we have a guide for my team on setting this up when they make a new repo, but we’d like something a bit more automatically enforced. Is there angle through the API I should investigate?

Hi @grigjd3,

Thanks for reaching out! If you’re a repository owner or have admin permissions in a repository, you can customize branch protections in the repository and enforce certain workflows per repo, perhaps CODEOWNERS could work here?

Thanks, I think either I’m misunderstanding CODEOWNERS or I am doing a bad job of communicating.  I realize I can add branch protections in a repo. What I’m trying to address is making sure that when my engineering team starts new projects (we do this fairly often), that we always have the same branch protections on master in each new project. If the person creating the new repo under our org has to manually set the branch protections each time, there are chances it won’t get set correctly.  

It would be great if I could set a template branch protection for master that gets automagically applied to every new repo under our org. If the answer is that this functionality doesn’t exist, I’ll try to handle this through documentation or maybe through cloning a template repo, but it would be nice if this capability were built into github, given that github adds the concept of organizations on top of git.

4 Likes

Hi @grigjd3 

Unfortunately, there is no native capability to standardize branch protection rules across an Organization in GitHub (As of this reply). We are working on it and in the interim I see many of our Enterprise customers developing automation for this purpose either as a GitHub App or (soon) an Org level Action. When a repo is created, when rules are modified (if webhook available) and on Cron they scan the repo(s) and enforce their protection rules using the API.

Also really surprised there’s no way to specify default branch protection rules for the organization or account to apply to all new repos. This should definitely be a core feature.

+1 for this feature.

+1. this is something that’s sorely needed.

+1 Any update on this?