Project maintenance: add branch protection rules for specific branches

[paulo-ferraz-oliveira]

Figure out which ones we're gonna end up using and protect those...

[paulo-ferraz-oliveira]

Should wait on #1 to understand what is feasible/reasonable.

[paulo-ferraz-oliveira]

There's no actions to run, but I'll still just do the following (Settings)

If this is too strict we can easily revert it. Closing...

[wojtekmach]

Could you revert this change? This caused this failure: https://github.com/erlef/otp_builds/actions/runs/11788301224/job/32835157101

[paulo-ferraz-oliveira]

Is this using a bot? Or a PAT?

[paulo-ferraz-oliveira]

It should be possible to allow bypassing for specific actors, but I'm not sure (yet?) how this is set up. Not having branch protection rules means you can accidentally push to the default branch, for example.

[paulo-ferraz-oliveira]

@starbelly, could we create an Actions Bot, for ErlEF to use in repos where automation is required?

[paulo-ferraz-oliveira]

I found we had an unused secret (in the settings; it's still there). I tried to use it, but it didn't work (I also don't know how it was generated). I know how to have branch protection rules alongside automation, but I've only seen it work with either a PAT (less recommended option, since it's tied to a person) or a bot (which we could create for ErlEF and use in other repositories).

In any case, for the time being, the rule is Disabled, so the workflow is back to working. Sorry for the noise, @wojtekmach.

For https://github.com/jelly-beam/otp-macos this works because we go through a pull request (automated creation and merge), but I can understand it being noisy / undesired.

[wojtekmach]

Thank you for all the help.

Yeah the secret was most likely a leftover from my attempts of making the „fork” work. I’ll remove it.

As an aside, I was expecting there would be a fair amount of commits from the bot but not quite that many, on a daily basis it is master, maint, maint-{25,27} per architecture which is a fair amount. (It can be cut down by being smarter and not building, say, maint-25 if the branch didn’t change.) I think this is fine but perhaps shoving all of that churn into another branch would be beneficial, not only main branch would be easier to follow I imagine it would be easier to have branch protection rules (or lack thereof) on a per branch basis. I think we can roll with what we have but if this resonates, I think it might be something to consider for the future.

[starbelly]

I see this is closed now. Let me know if anything further is needed.

[paulo-ferraz-oliveira]

If you could help ErlEf in creating a bot for automated actions it'd be nice. It'd simplify the actions, for example, since we wouldn't need permissions, but it's not necessary for the now; it's just a nice-to-have, if you have time.