Points de terminaison d’API REST pour les règles

Get all organization repository rulesets

Get all the repository rulesets for an organization.

Jetons d’accès affinés pour « Get all organization repository rulesets »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Get all organization repository rulesets »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.

Paramètres de requête
Nom, Type, Description
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: `30`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: `1`
`targets` string A comma-separated list of rule targets to filter by. If provided, only rulesets that apply to the specified targets will be returned. For example, `branch,tag,push`.

Codes d’état de la réponse HTTP pour « Get all organization repository rulesets »

Code d’état	Description
`200`	OK
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get all organization repository rulesets »

Exemple de requête

get/orgs/{org}/rulesets

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets

Response

Status: 200

[
  {
    "id": 21,
    "name": "super cool ruleset",
    "source_type": "Organization",
    "source": "my-org",
    "enforcement": "enabled",
    "node_id": "RRS_lACkVXNlcgQB",
    "_links": {
      "self": {
        "href": "https://api.github.com/orgs/my-org/rulesets/21"
      },
      "html": {
        "href": "https://github.com/organizations/my-org/settings/rules/21"
      }
    },
    "created_at": "2023-07-15T08:43:03Z",
    "updated_at": "2023-08-23T16:29:47Z"
  },
  {
    "id": 432,
    "name": "Another ruleset",
    "source_type": "Organization",
    "source": "my-org",
    "enforcement": "enabled",
    "node_id": "RRS_lACkVXNlcgQQ",
    "_links": {
      "self": {
        "href": "https://api.github.com/orgs/my-org/rulesets/432"
      },
      "html": {
        "href": "https://github.com/organizations/my-org/settings/rules/432"
      }
    },
    "created_at": "2023-08-15T08:43:03Z",
    "updated_at": "2023-09-23T16:29:47Z"
  }
]

Create an organization repository ruleset

Create a repository ruleset for an organization.

Jetons d’accès affinés pour « Create an organization repository ruleset »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Create an organization repository ruleset »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.

Nom, Type, Description

name string Obligatoire

The name of the ruleset.

target string

The target of the ruleset

Default: branch

Peut être: branch, tag, push, repository

enforcement string Obligatoire

The enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).

Peut être: disabled, active, evaluate

bypass_actors array of objects

The actors that can bypass the rules in this ruleset

Properties of bypass_actors

Nom, Type, Description
`actor_id` integer or null The ID of the actor that can bypass a ruleset. If `actor_type` is `OrganizationAdmin`, this should be `1`. If `actor_type` is `DeployKey`, this should be null. `OrganizationAdmin` is not applicable for personal repositories.
`actor_type` string Obligatoire The type of actor that can bypass a ruleset. Peut être: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, `DeployKey`
`bypass_mode` string When the specified actor can bypass the ruleset. `pull_request` means that an actor can only bypass rules on pull requests. `pull_request` is not applicable for the `DeployKey` actor type. Also, `pull_request` is only applicable to branch rulesets. Default: `always` Peut être: `always`, `pull_request`

conditions object

Conditions for an organization ruleset. The branch and tag rulesets conditions object should contain both repository_name and ref_name properties, or both repository_id and ref_name properties, or both repository_property and ref_name properties. The push rulesets conditions object does not require the ref_name property. For repository policy rulesets, the conditions object should only contain the repository_name, the repository_id, or the repository_property.

Can be one of these objects:

Nom, Type, Description

repository_name_and_ref_name object Obligatoire

Conditions to target repositories by name and refs by name

Properties of repository_name_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_name object Obligatoire

Properties of repository_name

Nom, Type, Description
`include` array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~ALL` to include all repositories.
`exclude` array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
`protected` boolean Whether renaming of target repositories is prevented.

repository_id_and_ref_name object Obligatoire

Conditions to target repositories by id and refs by name

Properties of repository_id_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_id object Obligatoire

Properties of repository_id

Nom, Type, Description
`repository_ids` array of integers The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.

repository_property_and_ref_name object Obligatoire

Conditions to target repositories by property and refs by name

Properties of repository_property_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_property object Obligatoire

Properties of repository_property

Nom, Type, Description

include array of objects

The repository properties and values to include. All of these properties must match for the condition to pass.

Properties of include

Nom, Type, Description
`name` string Obligatoire The name of the repository property to target
`property_values` array of strings Obligatoire The values to match for the repository property
`source` string The source of the repository property. Defaults to 'custom' if not specified. Peut être: `custom`, `system`

exclude array of objects

The repository properties and values to exclude. The condition will not pass if any of these properties match.

Properties of exclude

Nom, Type, Description
`name` string Obligatoire The name of the repository property to target
`property_values` array of strings Obligatoire The values to match for the repository property
`source` string The source of the repository property. Defaults to 'custom' if not specified. Peut être: `custom`, `system`

rules array of objects

An array of rules within the ruleset.

Can be one of these objects:

Nom, Type, Description

creation object Obligatoire

Only allow users with bypass permission to create matching refs.

Properties of creation

Nom, Type, Description
`type` string Obligatoire Value: `creation`

update object Obligatoire

Only allow users with bypass permission to update matching refs.

Properties of update

Nom, Type, Description

type string Obligatoire

Value: update

parameters object

Properties of parameters

Nom, Type, Description
`update_allows_fetch_and_merge` boolean Obligatoire Branch can pull changes from its upstream repository

deletion object Obligatoire

Only allow users with bypass permissions to delete matching refs.

Properties of deletion

Nom, Type, Description
`type` string Obligatoire Value: `deletion`

required_linear_history object Obligatoire

Prevent merge commits from being pushed to matching refs.

Properties of required_linear_history

Nom, Type, Description
`type` string Obligatoire Value: `required_linear_history`

merge_queue object Obligatoire

Merges must be performed via a merge queue.

Properties of merge_queue

Nom, Type, Description

type string Obligatoire

Value: merge_queue

parameters object

Properties of parameters

Nom, Type, Description
`check_response_timeout_minutes` integer Obligatoire Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
`grouping_strategy` string Obligatoire When set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge. Peut être: `ALLGREEN`, `HEADGREEN`
`max_entries_to_build` integer Obligatoire Limit the number of queued pull requests requesting checks and workflow runs at the same time.
`max_entries_to_merge` integer Obligatoire The maximum number of PRs that will be merged together in a group.
`merge_method` string Obligatoire Method to use when merging changes from queued pull requests. Peut être: `MERGE`, `SQUASH`, `REBASE`
`min_entries_to_merge` integer Obligatoire The minimum number of PRs that will be merged together in a group.
`min_entries_to_merge_wait_minutes` integer Obligatoire The time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.

required_deployments object Obligatoire

Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.

Properties of required_deployments

Nom, Type, Description

type string Obligatoire

Value: required_deployments

parameters object

Properties of parameters

Nom, Type, Description
`required_deployment_environments` array of strings Obligatoire The environments that must be successfully deployed to before branches can be merged.

required_signatures object Obligatoire

Commits pushed to matching refs must have verified signatures.

Properties of required_signatures

Nom, Type, Description
`type` string Obligatoire Value: `required_signatures`

pull_request object Obligatoire

Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.

Properties of pull_request

Nom, Type, Description

type string Obligatoire

Value: pull_request

parameters object

Properties of parameters

Nom, Type, Description
`allowed_merge_methods` array of strings Array of allowed merge methods. Allowed values include `merge`, `squash`, and `rebase`. At least one option must be enabled. Supported values are: `merge`, `squash`, `rebase`
`automatic_copilot_code_review_enabled` boolean Automatically request review from Copilot for new pull requests, if the author has access to Copilot code review.
`dismiss_stale_reviews_on_push` boolean Obligatoire New, reviewable commits pushed will dismiss previous pull request review approvals.
`require_code_owner_review` boolean Obligatoire Require an approving review in pull requests that modify files that have a designated code owner.
`require_last_push_approval` boolean Obligatoire Whether the most recent reviewable push must be approved by someone other than the person who pushed it.
`required_approving_review_count` integer Obligatoire The number of approving reviews that are required before a pull request can be merged.
`required_review_thread_resolution` boolean Obligatoire All conversations on code must be resolved before a pull request can be merged.

required_status_checks object Obligatoire

Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.

Properties of required_status_checks

Nom, Type, Description

type string Obligatoire

Value: required_status_checks

parameters object

Properties of parameters

Nom, Type, Description

do_not_enforce_on_create boolean

Allow repositories and branches to be created if a check would otherwise prohibit it.

required_status_checks array of objects Obligatoire

Status checks that are required.

Properties of required_status_checks

Nom, Type, Description
`context` string Obligatoire The status check context name that must be present on the commit.
`integration_id` integer The optional integration ID that this status check must originate from.

strict_required_status_checks_policy boolean Obligatoire

Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.

non_fast_forward object Obligatoire

Prevent users with push access from force pushing to refs.

Properties of non_fast_forward

Nom, Type, Description
`type` string Obligatoire Value: `non_fast_forward`

commit_message_pattern object Obligatoire

Parameters to be used for the commit_message_pattern rule

Properties of commit_message_pattern

Nom, Type, Description

type string Obligatoire

Value: commit_message_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

commit_author_email_pattern object Obligatoire

Parameters to be used for the commit_author_email_pattern rule

Properties of commit_author_email_pattern

Nom, Type, Description

type string Obligatoire

Value: commit_author_email_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

committer_email_pattern object Obligatoire

Parameters to be used for the committer_email_pattern rule

Properties of committer_email_pattern

Nom, Type, Description

type string Obligatoire

Value: committer_email_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

branch_name_pattern object Obligatoire

Parameters to be used for the branch_name_pattern rule

Properties of branch_name_pattern

Nom, Type, Description

type string Obligatoire

Value: branch_name_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

tag_name_pattern object Obligatoire

Parameters to be used for the tag_name_pattern rule

Properties of tag_name_pattern

Nom, Type, Description

type string Obligatoire

Value: tag_name_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

file_path_restriction object Obligatoire

Prevent commits that include changes in specified file and folder paths from being pushed to the commit graph. This includes absolute paths that contain file names.

Properties of file_path_restriction

Nom, Type, Description

type string Obligatoire

Value: file_path_restriction

parameters object

Properties of parameters

Nom, Type, Description
`restricted_file_paths` array of strings Obligatoire The file paths that are restricted from being pushed to the commit graph.

max_file_path_length object Obligatoire

Prevent commits that include file paths that exceed the specified character limit from being pushed to the commit graph.

Properties of max_file_path_length

Nom, Type, Description

type string Obligatoire

Value: max_file_path_length

parameters object

Properties of parameters

Nom, Type, Description
`max_file_path_length` integer Obligatoire The maximum amount of characters allowed in file paths.

file_extension_restriction object Obligatoire

Prevent commits that include files with specified file extensions from being pushed to the commit graph.

Properties of file_extension_restriction

Nom, Type, Description

type string Obligatoire

Value: file_extension_restriction

parameters object

Properties of parameters

Nom, Type, Description
`restricted_file_extensions` array of strings Obligatoire The file extensions that are restricted from being pushed to the commit graph.

max_file_size object Obligatoire

Prevent commits with individual files that exceed the specified limit from being pushed to the commit graph.

Properties of max_file_size

Nom, Type, Description

type string Obligatoire

Value: max_file_size

parameters object

Properties of parameters

Nom, Type, Description
`max_file_size` integer Obligatoire The maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS).

workflows object Obligatoire

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

Properties of workflows

Nom, Type, Description

type string Obligatoire

Value: workflows

parameters object

Properties of parameters

Nom, Type, Description

do_not_enforce_on_create boolean

Allow repositories and branches to be created if a check would otherwise prohibit it.

workflows array of objects Obligatoire

Workflows that must pass for this rule to pass.

Properties of workflows

Nom, Type, Description
`path` string Obligatoire The path to the workflow file
`ref` string The ref (branch or tag) of the workflow file to use
`repository_id` integer Obligatoire The ID of the repository where the workflow is defined
`sha` string The commit SHA of the workflow file to use

code_scanning object Obligatoire

Choose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.

Properties of code_scanning

Nom, Type, Description

type string Obligatoire

Value: code_scanning

parameters object

Properties of parameters

Nom, Type, Description

code_scanning_tools array of objects Obligatoire

Tools that must provide code scanning results for this rule to pass.

Properties of code_scanning_tools

Nom, Type, Description
`alerts_threshold` string Obligatoire The severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts." Peut être: `none`, `errors`, `errors_and_warnings`, `all`
`security_alerts_threshold` string Obligatoire The severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts." Peut être: `none`, `critical`, `high_or_higher`, `medium_or_higher`, `all`
`tool` string Obligatoire The name of a code scanning tool

Codes d’état de la réponse HTTP pour « Create an organization repository ruleset »

Code d’état	Description
`201`	Created
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Create an organization repository ruleset »

Exemple de requête

post/orgs/{org}/rulesets

curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets \
  -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]},"repository_name":{"include":["important_repository","another_important_repository"],"exclude":["unimportant_repository"],"protected":true}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'

Response

Status: 201

{
  "id": 21,
  "name": "super cool ruleset",
  "target": "branch",
  "source_type": "Organization",
  "source": "my-org",
  "enforcement": "active",
  "bypass_actors": [
    {
      "actor_id": 234,
      "actor_type": "Team",
      "bypass_mode": "always"
    }
  ],
  "conditions": {
    "ref_name": {
      "include": [
        "refs/heads/main",
        "refs/heads/master"
      ],
      "exclude": [
        "refs/heads/dev*"
      ]
    },
    "repository_name": {
      "include": [
        "important_repository",
        "another_important_repository"
      ],
      "exclude": [
        "unimportant_repository"
      ],
      "protected": true
    }
  },
  "rules": [
    {
      "type": "commit_author_email_pattern",
      "parameters": {
        "operator": "contains",
        "pattern": "github"
      }
    }
  ],
  "node_id": "RRS_lACkVXNlcgQB",
  "_links": {
    "self": {
      "href": "https://api.github.com/orgs/my-org/rulesets/21"
    },
    "html": {
      "href": "https://github.com/organizations/my-org/settings/rules/21"
    }
  },
  "created_at": "2023-08-15T08:43:03Z",
  "updated_at": "2023-09-23T16:29:47Z"
}

Get an organization repository ruleset

Get a repository ruleset for an organization.

Note: To prevent leaking sensitive information, the bypass_actors property is only returned if the user making the API request has write access to the ruleset.

Jetons d’accès affinés pour « Get an organization repository ruleset »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Get an organization repository ruleset »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.
`ruleset_id` integer Obligatoire The ID of the ruleset.

Codes d’état de la réponse HTTP pour « Get an organization repository ruleset »

Code d’état	Description
`200`	OK
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get an organization repository ruleset »

Exemple de requête

get/orgs/{org}/rulesets/{ruleset_id}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets/RULESET_ID

Response

Status: 200

{
  "id": 21,
  "name": "super cool ruleset",
  "target": "branch",
  "source_type": "Organization",
  "source": "my-org",
  "enforcement": "active",
  "bypass_actors": [
    {
      "actor_id": 234,
      "actor_type": "Team",
      "bypass_mode": "always"
    }
  ],
  "conditions": {
    "ref_name": {
      "include": [
        "refs/heads/main",
        "refs/heads/master"
      ],
      "exclude": [
        "refs/heads/dev*"
      ]
    },
    "repository_name": {
      "include": [
        "important_repository",
        "another_important_repository"
      ],
      "exclude": [
        "unimportant_repository"
      ],
      "protected": true
    }
  },
  "rules": [
    {
      "type": "commit_author_email_pattern",
      "parameters": {
        "operator": "contains",
        "pattern": "github"
      }
    }
  ],
  "node_id": "RRS_lACkVXNlcgQB",
  "_links": {
    "self": {
      "href": "https://api.github.com/orgs/my-org/rulesets/21"
    },
    "html": {
      "href": "https://github.com/organizations/my-org/settings/rules/21"
    }
  },
  "created_at": "2023-08-15T08:43:03Z",
  "updated_at": "2023-09-23T16:29:47Z"
}

Update an organization repository ruleset

Update a ruleset for an organization.

Jetons d’accès affinés pour « Update an organization repository ruleset »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Update an organization repository ruleset »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.
`ruleset_id` integer Obligatoire The ID of the ruleset.

Nom, Type, Description

name string

The name of the ruleset.

target string

The target of the ruleset

Peut être: branch, tag, push, repository

enforcement string

The enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).

Peut être: disabled, active, evaluate

bypass_actors array of objects

The actors that can bypass the rules in this ruleset

Properties of bypass_actors

Nom, Type, Description
`actor_id` integer or null The ID of the actor that can bypass a ruleset. If `actor_type` is `OrganizationAdmin`, this should be `1`. If `actor_type` is `DeployKey`, this should be null. `OrganizationAdmin` is not applicable for personal repositories.
`actor_type` string Obligatoire The type of actor that can bypass a ruleset. Peut être: `Integration`, `OrganizationAdmin`, `RepositoryRole`, `Team`, `DeployKey`
`bypass_mode` string When the specified actor can bypass the ruleset. `pull_request` means that an actor can only bypass rules on pull requests. `pull_request` is not applicable for the `DeployKey` actor type. Also, `pull_request` is only applicable to branch rulesets. Default: `always` Peut être: `always`, `pull_request`

conditions object

Conditions for an organization ruleset. The branch and tag rulesets conditions object should contain both repository_name and ref_name properties, or both repository_id and ref_name properties, or both repository_property and ref_name properties. The push rulesets conditions object does not require the ref_name property. For repository policy rulesets, the conditions object should only contain the repository_name, the repository_id, or the repository_property.

Can be one of these objects:

Nom, Type, Description

repository_name_and_ref_name object Obligatoire

Conditions to target repositories by name and refs by name

Properties of repository_name_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_name object Obligatoire

Properties of repository_name

Nom, Type, Description
`include` array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~ALL` to include all repositories.
`exclude` array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match.
`protected` boolean Whether renaming of target repositories is prevented.

repository_id_and_ref_name object Obligatoire

Conditions to target repositories by id and refs by name

Properties of repository_id_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_id object Obligatoire

Properties of repository_id

Nom, Type, Description
`repository_ids` array of integers The repository IDs that the ruleset applies to. One of these IDs must match for the condition to pass.

repository_property_and_ref_name object Obligatoire

Conditions to target repositories by property and refs by name

Properties of repository_property_and_ref_name

Nom, Type, Description

ref_name object

Properties of ref_name

Nom, Type, Description
`include` array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts `~DEFAULT_BRANCH` to include the default branch or `~ALL` to include all branches.
`exclude` array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

repository_property object Obligatoire

Properties of repository_property

Nom, Type, Description

include array of objects

The repository properties and values to include. All of these properties must match for the condition to pass.

Properties of include

Nom, Type, Description
`name` string Obligatoire The name of the repository property to target
`property_values` array of strings Obligatoire The values to match for the repository property
`source` string The source of the repository property. Defaults to 'custom' if not specified. Peut être: `custom`, `system`

exclude array of objects

The repository properties and values to exclude. The condition will not pass if any of these properties match.

Properties of exclude

Nom, Type, Description
`name` string Obligatoire The name of the repository property to target
`property_values` array of strings Obligatoire The values to match for the repository property
`source` string The source of the repository property. Defaults to 'custom' if not specified. Peut être: `custom`, `system`

rules array of objects

An array of rules within the ruleset.

Can be one of these objects:

Nom, Type, Description

creation object Obligatoire

Only allow users with bypass permission to create matching refs.

Properties of creation

Nom, Type, Description
`type` string Obligatoire Value: `creation`

update object Obligatoire

Only allow users with bypass permission to update matching refs.

Properties of update

Nom, Type, Description

type string Obligatoire

Value: update

parameters object

Properties of parameters

Nom, Type, Description
`update_allows_fetch_and_merge` boolean Obligatoire Branch can pull changes from its upstream repository

deletion object Obligatoire

Only allow users with bypass permissions to delete matching refs.

Properties of deletion

Nom, Type, Description
`type` string Obligatoire Value: `deletion`

required_linear_history object Obligatoire

Prevent merge commits from being pushed to matching refs.

Properties of required_linear_history

Nom, Type, Description
`type` string Obligatoire Value: `required_linear_history`

merge_queue object Obligatoire

Merges must be performed via a merge queue.

Properties of merge_queue

Nom, Type, Description

type string Obligatoire

Value: merge_queue

parameters object

Properties of parameters

Nom, Type, Description
`check_response_timeout_minutes` integer Obligatoire Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed
`grouping_strategy` string Obligatoire When set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge. Peut être: `ALLGREEN`, `HEADGREEN`
`max_entries_to_build` integer Obligatoire Limit the number of queued pull requests requesting checks and workflow runs at the same time.
`max_entries_to_merge` integer Obligatoire The maximum number of PRs that will be merged together in a group.
`merge_method` string Obligatoire Method to use when merging changes from queued pull requests. Peut être: `MERGE`, `SQUASH`, `REBASE`
`min_entries_to_merge` integer Obligatoire The minimum number of PRs that will be merged together in a group.
`min_entries_to_merge_wait_minutes` integer Obligatoire The time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.

required_deployments object Obligatoire

Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.

Properties of required_deployments

Nom, Type, Description

type string Obligatoire

Value: required_deployments

parameters object

Properties of parameters

Nom, Type, Description
`required_deployment_environments` array of strings Obligatoire The environments that must be successfully deployed to before branches can be merged.

required_signatures object Obligatoire

Commits pushed to matching refs must have verified signatures.

Properties of required_signatures

Nom, Type, Description
`type` string Obligatoire Value: `required_signatures`

pull_request object Obligatoire

Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.

Properties of pull_request

Nom, Type, Description

type string Obligatoire

Value: pull_request

parameters object

Properties of parameters

Nom, Type, Description
`allowed_merge_methods` array of strings Array of allowed merge methods. Allowed values include `merge`, `squash`, and `rebase`. At least one option must be enabled. Supported values are: `merge`, `squash`, `rebase`
`automatic_copilot_code_review_enabled` boolean Automatically request review from Copilot for new pull requests, if the author has access to Copilot code review.
`dismiss_stale_reviews_on_push` boolean Obligatoire New, reviewable commits pushed will dismiss previous pull request review approvals.
`require_code_owner_review` boolean Obligatoire Require an approving review in pull requests that modify files that have a designated code owner.
`require_last_push_approval` boolean Obligatoire Whether the most recent reviewable push must be approved by someone other than the person who pushed it.
`required_approving_review_count` integer Obligatoire The number of approving reviews that are required before a pull request can be merged.
`required_review_thread_resolution` boolean Obligatoire All conversations on code must be resolved before a pull request can be merged.

required_status_checks object Obligatoire

Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.

Properties of required_status_checks

Nom, Type, Description

type string Obligatoire

Value: required_status_checks

parameters object

Properties of parameters

Nom, Type, Description

do_not_enforce_on_create boolean

Allow repositories and branches to be created if a check would otherwise prohibit it.

required_status_checks array of objects Obligatoire

Status checks that are required.

Properties of required_status_checks

Nom, Type, Description
`context` string Obligatoire The status check context name that must be present on the commit.
`integration_id` integer The optional integration ID that this status check must originate from.

strict_required_status_checks_policy boolean Obligatoire

Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.

non_fast_forward object Obligatoire

Prevent users with push access from force pushing to refs.

Properties of non_fast_forward

Nom, Type, Description
`type` string Obligatoire Value: `non_fast_forward`

commit_message_pattern object Obligatoire

Parameters to be used for the commit_message_pattern rule

Properties of commit_message_pattern

Nom, Type, Description

type string Obligatoire

Value: commit_message_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

commit_author_email_pattern object Obligatoire

Parameters to be used for the commit_author_email_pattern rule

Properties of commit_author_email_pattern

Nom, Type, Description

type string Obligatoire

Value: commit_author_email_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

committer_email_pattern object Obligatoire

Parameters to be used for the committer_email_pattern rule

Properties of committer_email_pattern

Nom, Type, Description

type string Obligatoire

Value: committer_email_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

branch_name_pattern object Obligatoire

Parameters to be used for the branch_name_pattern rule

Properties of branch_name_pattern

Nom, Type, Description

type string Obligatoire

Value: branch_name_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

tag_name_pattern object Obligatoire

Parameters to be used for the tag_name_pattern rule

Properties of tag_name_pattern

Nom, Type, Description

type string Obligatoire

Value: tag_name_pattern

parameters object

Properties of parameters

Nom, Type, Description
`name` string How this rule will appear to users.
`negate` boolean If true, the rule will fail if the pattern matches.
`operator` string Obligatoire The operator to use for matching. Peut être: `starts_with`, `ends_with`, `contains`, `regex`
`pattern` string Obligatoire The pattern to match with.

file_path_restriction object Obligatoire

Prevent commits that include changes in specified file and folder paths from being pushed to the commit graph. This includes absolute paths that contain file names.

Properties of file_path_restriction

Nom, Type, Description

type string Obligatoire

Value: file_path_restriction

parameters object

Properties of parameters

Nom, Type, Description
`restricted_file_paths` array of strings Obligatoire The file paths that are restricted from being pushed to the commit graph.

max_file_path_length object Obligatoire

Prevent commits that include file paths that exceed the specified character limit from being pushed to the commit graph.

Properties of max_file_path_length

Nom, Type, Description

type string Obligatoire

Value: max_file_path_length

parameters object

Properties of parameters

Nom, Type, Description
`max_file_path_length` integer Obligatoire The maximum amount of characters allowed in file paths.

file_extension_restriction object Obligatoire

Prevent commits that include files with specified file extensions from being pushed to the commit graph.

Properties of file_extension_restriction

Nom, Type, Description

type string Obligatoire

Value: file_extension_restriction

parameters object

Properties of parameters

Nom, Type, Description
`restricted_file_extensions` array of strings Obligatoire The file extensions that are restricted from being pushed to the commit graph.

max_file_size object Obligatoire

Prevent commits with individual files that exceed the specified limit from being pushed to the commit graph.

Properties of max_file_size

Nom, Type, Description

type string Obligatoire

Value: max_file_size

parameters object

Properties of parameters

Nom, Type, Description
`max_file_size` integer Obligatoire The maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS).

workflows object Obligatoire

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

Properties of workflows

Nom, Type, Description

type string Obligatoire

Value: workflows

parameters object

Properties of parameters

Nom, Type, Description

do_not_enforce_on_create boolean

Allow repositories and branches to be created if a check would otherwise prohibit it.

workflows array of objects Obligatoire

Workflows that must pass for this rule to pass.

Properties of workflows

Nom, Type, Description
`path` string Obligatoire The path to the workflow file
`ref` string The ref (branch or tag) of the workflow file to use
`repository_id` integer Obligatoire The ID of the repository where the workflow is defined
`sha` string The commit SHA of the workflow file to use

code_scanning object Obligatoire

Choose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.

Properties of code_scanning

Nom, Type, Description

type string Obligatoire

Value: code_scanning

parameters object

Properties of parameters

Nom, Type, Description

code_scanning_tools array of objects Obligatoire

Tools that must provide code scanning results for this rule to pass.

Properties of code_scanning_tools

Nom, Type, Description
`alerts_threshold` string Obligatoire The severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts." Peut être: `none`, `errors`, `errors_and_warnings`, `all`
`security_alerts_threshold` string Obligatoire The severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts." Peut être: `none`, `critical`, `high_or_higher`, `medium_or_higher`, `all`
`tool` string Obligatoire The name of a code scanning tool

Codes d’état de la réponse HTTP pour « Update an organization repository ruleset »

Code d’état	Description
`200`	OK
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Update an organization repository ruleset »

Exemple de requête

put/orgs/{org}/rulesets/{ruleset_id}

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets/RULESET_ID \
  -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]},"repository_name":{"include":["important_repository","another_important_repository"],"exclude":["unimportant_repository"],"protected":true}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'

Response

Status: 200

{
  "id": 21,
  "name": "super cool ruleset",
  "target": "branch",
  "source_type": "Organization",
  "source": "my-org",
  "enforcement": "active",
  "bypass_actors": [
    {
      "actor_id": 234,
      "actor_type": "Team",
      "bypass_mode": "always"
    }
  ],
  "conditions": {
    "ref_name": {
      "include": [
        "refs/heads/main",
        "refs/heads/master"
      ],
      "exclude": [
        "refs/heads/dev*"
      ]
    },
    "repository_name": {
      "include": [
        "important_repository",
        "another_important_repository"
      ],
      "exclude": [
        "unimportant_repository"
      ],
      "protected": true
    }
  },
  "rules": [
    {
      "type": "commit_author_email_pattern",
      "parameters": {
        "operator": "contains",
        "pattern": "github"
      }
    }
  ],
  "node_id": "RRS_lACkVXNlcgQB",
  "_links": {
    "self": {
      "href": "https://api.github.com/orgs/my-org/rulesets/21"
    },
    "html": {
      "href": "https://github.com/organizations/my-org/settings/rules/21"
    }
  },
  "created_at": "2023-08-15T08:43:03Z",
  "updated_at": "2023-09-23T16:29:47Z"
}

Delete an organization repository ruleset

Delete a ruleset for an organization.

Jetons d’accès affinés pour « Delete an organization repository ruleset »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Delete an organization repository ruleset »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.
`ruleset_id` integer Obligatoire The ID of the ruleset.

Codes d’état de la réponse HTTP pour « Delete an organization repository ruleset »

Code d’état	Description
`204`	No Content
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Delete an organization repository ruleset »

Exemple de requête

delete/orgs/{org}/rulesets/{ruleset_id}

curl -L \
  -X DELETE \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets/RULESET_ID

Response

Status: 204

Get organization ruleset history

Get the history of an organization ruleset.

Jetons d’accès affinés pour « Get organization ruleset history »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Get organization ruleset history »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.
`ruleset_id` integer Obligatoire The ID of the ruleset.

Paramètres de requête
Nom, Type, Description
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: `30`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: `1`

Codes d’état de la réponse HTTP pour « Get organization ruleset history »

Code d’état	Description
`200`	OK
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get organization ruleset history »

Exemple de requête

get/orgs/{org}/rulesets/{ruleset_id}/history

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets/RULESET_ID/history

Response

Status: 200

[
  {
    "version_id": 3,
    "actor": {
      "id": 1,
      "type": "User"
    },
    "updated_at": "2024-010-23T16:29:47Z"
  },
  {
    "version_id": 2,
    "actor": {
      "id": 2,
      "type": "User"
    },
    "updated_at": "2024-09-23T16:29:47Z"
  },
  {
    "version_id": 1,
    "actor": {
      "id": 1,
      "type": "User"
    },
    "updated_at": "2024-08-23T16:29:47Z"
  }
]

Get organization ruleset version

Get a version of an organization ruleset.

Jetons d’accès affinés pour « Get organization ruleset version »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

"Administration" organization permissions (write)

Paramètres pour « Get organization ruleset version »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Obligatoire The organization name. The name is not case sensitive.
`ruleset_id` integer Obligatoire The ID of the ruleset.
`version_id` integer Obligatoire The ID of the version

Codes d’état de la réponse HTTP pour « Get organization ruleset version »

Code d’état	Description
`200`	OK
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get organization ruleset version »

Exemple de requête

get/orgs/{org}/rulesets/{ruleset_id}/history/{version_id}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/orgs/ORG/rulesets/RULESET_ID/history/VERSION_ID

Response

Status: 200

[
  {
    "version_id": 3,
    "actor": {
      "id": 1,
      "type": "User"
    },
    "updated_at": "2024-010-23T16:29:47Z",
    "state": {
      "id": 21,
      "name": "super cool ruleset",
      "target": "branch",
      "source_type": "Organization",
      "source": "my-org",
      "enforcement": "active",
      "bypass_actors": [
        {
          "actor_id": 234,
          "actor_type": "Team",
          "bypass_mode": "always"
        }
      ],
      "conditions": {
        "ref_name": {
          "include": [
            "refs/heads/main",
            "refs/heads/master"
          ],
          "exclude": [
            "refs/heads/dev*"
          ]
        },
        "repository_name": {
          "include": [
            "important_repository",
            "another_important_repository"
          ],
          "exclude": [
            "unimportant_repository"
          ],
          "protected": true
        }
      },
      "rules": [
        {
          "type": "commit_author_email_pattern",
          "parameters": {
            "operator": "contains",
            "pattern": "github"
          }
        }
      ]
    }
  }
]