Thanks @nadiajoyce . A use case here would be using the terraform github provider. 

https://github.com/terraform-providers/terraform-provider-github/issues/164

Unfortunate that the api support didn’t come in advance of or with the ux support… makes it hard to take advantage of when programatically creating the repositories on behalf of someone who wont have rights to create the restrictions.  Hopefully it will be coming in the not too distant future.

@nadiajoyce - Is there any update on potentially enabling this feature?  This is a significant painpoint for migrating my Organization (130+ repos) to GitHub.  As is, I’m stuck configuring this manually for each repo as we have a hard requirement for wildcard branch protection.  It would be great to be able to automate this.  

+1 for this being a real nuisance and gap in the octokit APIs.  It makes no sense that these can be created, edited and deleted manually using the UI, but there is no programmatic mechanism for doing so.

Can you please explain the technical details regarding why this is difficult or hasn’t been implemented?

Hello, I know this question is related to the Rest API v3 and you may have to stick with it but there is a mutation available using the octokit GraphQL API V4. It supports actual pattern such as release/* or hotfix/*.

See example below:

const { graphql } = require('@octokit/graphql');
const octoql = graphql.defaults({

headers: {

authorization: token ${process.env.GITHUB_TOKEN}

}

});
octoql(

mutation($input: CreateBranchProtectionRuleInput!) { createBranchProtectionRule(input: $input) { branchProtectionRule { id } } },

{

input: {

repositoryId: repo.data.node_id,

pattern: "release/*",

dismissesStaleReviews: true,

requiresApprovingReviews: true,

requiredApprovingReviewCount: 1,

isAdminEnforced: true,

requiresStatusChecks: null

}

}

);

You can get the repositoryId using the Rest API or the GraphQL API.

Hope this helps.

For anyone trying to work GraphQL into a cURL call / shell script (like I was), after a lot of pain I eventually found success with something like this.  You’ll have to rework it for the protections you need, and obviously replace the ‘xxxxxxx’ values with your actual hex IDs.  Hopefully this helps someone, I wasn’t able to find examples of this anywhere. 

function generate_gh_wildcard_branch_post_data() {
local repo_node_id="xxxxxxxxxxxxxxxxxxxxxxxx"
local pattern="release/*"
local admin_team_node_id="xxxxxxxxxxxxxxxxxxxxxxxxx"
local write_team_node_id="xxxxxxxxxxxxxxxxxxxxxxxxx"
cat <<EOF
{"query": "mutation CreateBranchProtectionRule { createBranchProtectionRule(input:{repositoryId:\"$repo_node_id\" pattern:\"$pattern\" requiresApprovingReviews: true requiredApprovingReviewCount: 2 requiresCodeOwnerReviews: true restrictsPushes: true pushActorIds: [\"$admin_team_node_id\" \"$write_team_node_id\"] dismissesStaleReviews: true}) { clientMutationId } }"}
EOF
}
function github_add_wildcard_branch_protection {

local payload="$(generate_gh_wildcard_branch_post_data)"

curl -ks -X POST 

-H 'Content-Type: application/json' 

-H "Authorization: bearer $GITHUB_TOKEN" 

--data "$payload" 

$GITHUB_GRAPHQL_API

}

Is there any update on this being added to the GitHub Rest API? GitLab solved this issue over 2 years ago and this is a pretty large pain point for our organization in having to update hundreds of repositories manually so they all have the same branch protection rules. For reference we don’t have time/skillset to implement the GraphQL solution and believe this should be supported in the Rest API since it’s possible through the normal web UI.

Is this request on the radar for GitHub? It would be an extremely helpful feature!

Any update on this and whether its been added to the roadmap?

I would be also interested in an update on this API. It feels really strange that the API looks so different from how you configure things in the UI. Likely a historical thing but still, there is no way to reproduce the “clicks” you do on the UI.

An example: we have one branch protection for release/* requiring review by the release manager on all our release branches. We would like to create/maintain this rule via API to roll it out across all our repos consistently. I see no way to achieve this by today. Any API action, will mess with previously UI created rules instead of just adapting settings.

Is there any chance of an update from Github on this? We need to make a similar branch protection rule across dozens of repositories that are all based on a wildcard branch name.

I want to be able to list all branch protection rules on the repo. ThIs currently seems not to be possible with the REST API

I also have the release/* workflow, would there be any updates on this issue ? :)

Hey y'all,

Probably not the exact answer everyone is looking for but we recently announced the public beta of Repository rules, which is intended to be the future of protected branches.

One of the subtle changes for most but relevant for y'all is we have ensured the REST endpoint does support wildcards as well as multiple conditions for matching branches.

"conditions": {
    "ref_name": {
      "include": [
        "refs/heads/release*",
        "refs/heads/main"
      ],
      "exclude": [
        "refs/heads/dev*"
      ]
    }