Secure Configurations: Hardening & Technology Setup
      Back to home
      1. Trustero Support
      2. Phase 3: Operationalize Controls
      3. Secure Configurations: Hardening & Technology Setup

      GitHub Branch Protection Rule

      How do I configure GitHub branch protection so it's recognized by Trustero?

      GitHub branch protection rules offer many options. In order for Trustero to consider “Branch Protection Enabled” for a given branch, there are four specific rules that must be enabled:

      1. Require a pull request before merging
      2. Require approvals
      3. Require status checks to pass before merging
      4. Require branches to be up to date before merging

       

      Other rules are optional. Choose what makes sense for your organization.

       

      Instructions for enabling the required rules in GitHub:

      1. Navigate to the repository where you want to enable branch protection.
      2. Under the repository name, select the “Settings” tab.
      3. In the “Code and automation” section of the sidebar, select “Branches”.
      4. Next to “Branch protection rules”, select “Add rule or edit an existing rule”.
      5. In the field below “Branch name pattern”, type the branch name or pattern to protect.
      6. Under “Protect matching branches”, enable the following:
        1. “Require a pull request before merging”
        2. “Require approvals”
        3. “Require status checks to pass before merging”
        4. “Require branches to be up to date before merging”
      7. Click “Save Changes”

       

      The final settings should look similar to the image below.

      Screenshot 2024-06-13 at 7.38.25 AM