REST API endpoints for rules
Use the REST API to manage rulesets for an enterprise. Rulesets control how people can interact with repositories and code.
Create an enterprise repository ruleset
Create a repository ruleset for an enterprise.
“Create an enterprise repository ruleset”的细粒度访问令牌
此端点支持以下精细令牌类型:
精细令牌必须具有以下权限集:
- "Enterprise administration" business permissions (write)
“Create an enterprise repository ruleset”的参数
名称, 类型, 说明 |
---|
accept string Setting to |
名称, 类型, 说明 |
---|
enterprise string 必须The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
名称, 类型, 说明 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name string 必须The name of the ruleset. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
target string The target of the ruleset 默认: 可以是以下选项之一: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
enforcement string 必须The enforcement level of the ruleset. 可以是以下选项之一: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
bypass_actors array of objects The actors that can bypass the rules in this ruleset | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Properties of |
名称, 类型, 说明 |
---|
actor_id integer or null The ID of the actor that can bypass a ruleset. If |
actor_type string 必须The type of actor that can bypass a ruleset 可以是以下选项之一: |
bypass_mode string When the specified actor can bypass the ruleset. 默认: 可以是以下选项之一: |
conditions
object Conditions for an enterprise ruleset. The conditions object should contain either the organization_id
or organization_name
property and the repository_name
or repository_property
property. For branch and tag rulesets, the conditions object should also contain the ref_name
property.
Can be one of these objects:
名称, 类型, 说明 | ||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_name_and_repository_name object 必须Conditions to target organizations by name and all repositories | ||||||||||||||||||||||||||
Properties of |
名称, 类型, 说明 | ||||
---|---|---|---|---|
organization_name object 必须 | ||||
Properties of |
名称, 类型, 说明 |
---|
include array of strings Array of organization names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of organization names or patterns to exclude. The condition will not pass if any of these patterns match. |
repository_name
object 必须Properties of repository_name
名称, 类型, 说明 |
---|
include array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match. |
protected boolean Whether renaming of target repositories is prevented. |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_name_and_repository_property
object 必须Conditions to target organizations by name and repositories by property
Properties of organization_name_and_repository_property
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_name object 必须 | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
include array of strings Array of organization names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of organization names or patterns to exclude. The condition will not pass if any of these patterns match. |
repository_property
object 必须Properties of repository_property
名称, 类型, 说明 | ||||
---|---|---|---|---|
include array of objects The repository properties and values to include. All of these properties must match for the condition to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
exclude
array of objects The repository properties and values to exclude. The condition will not pass if any of these properties match.
Properties of exclude
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_id_and_repository_name
object 必须Conditions to target organizations by id and all repositories
Properties of organization_id_and_repository_name
名称, 类型, 说明 | ||||
---|---|---|---|---|
organization_id object 必须 | ||||
Properties of |
名称, 类型, 说明 |
---|
organization_ids array of integers The organization IDs that the ruleset applies to. One of these IDs must match for the condition to pass. |
repository_name
object 必须Properties of repository_name
名称, 类型, 说明 |
---|
include array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match. |
protected boolean Whether renaming of target repositories is prevented. |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_id_and_repository_property
object 必须Conditions to target organization by id and repositories by property
Properties of organization_id_and_repository_property
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_id object 必须 | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
organization_ids array of integers The organization IDs that the ruleset applies to. One of these IDs must match for the condition to pass. |
repository_property
object 必须Properties of repository_property
名称, 类型, 说明 | ||||
---|---|---|---|---|
include array of objects The repository properties and values to include. All of these properties must match for the condition to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
exclude
array of objects The repository properties and values to exclude. The condition will not pass if any of these properties match.
Properties of exclude
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
rules
array of objects An array of rules within the ruleset.
Can be one of these objects:
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
creation object 必须Only allow users with bypass permission to create matching refs. | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
type string 必须值: |
update
object 必须Only allow users with bypass permission to update matching refs.
Properties of update
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
update_allows_fetch_and_merge boolean 必须Branch can pull changes from its upstream repository |
deletion
object 必须Only allow users with bypass permissions to delete matching refs.
Properties of deletion
名称, 类型, 说明 |
---|
type string 必须值: |
required_linear_history
object 必须Prevent merge commits from being pushed to matching refs.
Properties of required_linear_history
名称, 类型, 说明 |
---|
type string 必须值: |
merge_queue
object 必须Merges must be performed via a merge queue.
Properties of merge_queue
名称, 类型, 说明 | ||||||||
---|---|---|---|---|---|---|---|---|
type string 必须值: | ||||||||
parameters object | ||||||||
Properties of |
名称, 类型, 说明 |
---|
check_response_timeout_minutes integer 必须Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed |
grouping_strategy string 必须When set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge. 可以是以下选项之一: |
max_entries_to_build integer 必须Limit the number of queued pull requests requesting checks and workflow runs at the same time. |
max_entries_to_merge integer 必须The maximum number of PRs that will be merged together in a group. |
merge_method string 必须Method to use when merging changes from queued pull requests. 可以是以下选项之一: |
min_entries_to_merge integer 必须The minimum number of PRs that will be merged together in a group. |
min_entries_to_merge_wait_minutes integer 必须The time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged. |
required_deployments
object 必须Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.
Properties of required_deployments
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
required_deployment_environments array of strings 必须The environments that must be successfully deployed to before branches can be merged. |
required_signatures
object 必须Commits pushed to matching refs must have verified signatures.
Properties of required_signatures
名称, 类型, 说明 |
---|
type string 必须值: |
pull_request
object 必须Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.
Properties of pull_request
名称, 类型, 说明 | |||||||
---|---|---|---|---|---|---|---|
type string 必须值: | |||||||
parameters object | |||||||
Properties of |
名称, 类型, 说明 |
---|
allowed_merge_methods array of strings When merging pull requests, you can allow any combination of merge commits, squashing, or rebasing. At least one option must be enabled. |
dismiss_stale_reviews_on_push boolean 必须New, reviewable commits pushed will dismiss previous pull request review approvals. |
require_code_owner_review boolean 必须Require an approving review in pull requests that modify files that have a designated code owner. |
require_last_push_approval boolean 必须Whether the most recent reviewable push must be approved by someone other than the person who pushed it. |
required_approving_review_count integer 必须The number of approving reviews that are required before a pull request can be merged. |
required_review_thread_resolution boolean 必须All conversations on code must be resolved before a pull request can be merged. |
required_status_checks
object 必须Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.
Properties of required_status_checks
名称, 类型, 说明 | ||||||||
---|---|---|---|---|---|---|---|---|
type string 必须值: | ||||||||
parameters object | ||||||||
Properties of |
名称, 类型, 说明 | |||
---|---|---|---|
do_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it. | |||
required_status_checks array of objects 必须Status checks that are required. | |||
Properties of |
名称, 类型, 说明 |
---|
context string 必须The status check context name that must be present on the commit. |
integration_id integer The optional integration ID that this status check must originate from. |
strict_required_status_checks_policy
boolean 必须Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.
non_fast_forward
object 必须Prevent users with push access from force pushing to refs.
Properties of non_fast_forward
名称, 类型, 说明 |
---|
type string 必须值: |
commit_message_pattern
object 必须Parameters to be used for the commit_message_pattern rule
Properties of commit_message_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
commit_author_email_pattern
object 必须Parameters to be used for the commit_author_email_pattern rule
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
committer_email_pattern
object 必须Parameters to be used for the committer_email_pattern rule
Properties of committer_email_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
branch_name_pattern
object 必须Parameters to be used for the branch_name_pattern rule
Properties of branch_name_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
tag_name_pattern
object 必须Parameters to be used for the tag_name_pattern rule
Properties of tag_name_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
file_path_restriction
object 必须Prevent commits that include changes in specified file paths from being pushed to the commit graph.
Properties of file_path_restriction
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
restricted_file_paths array of strings 必须The file paths that are restricted from being pushed to the commit graph. |
max_file_path_length
object 必须Prevent commits that include file paths that exceed a specified character limit from being pushed to the commit graph.
Properties of max_file_path_length
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
max_file_path_length integer 必须The maximum amount of characters allowed in file paths |
file_extension_restriction
object 必须Prevent commits that include files with specified file extensions from being pushed to the commit graph.
Properties of file_extension_restriction
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
restricted_file_extensions array of strings 必须The file extensions that are restricted from being pushed to the commit graph. |
max_file_size
object 必须Prevent commits that exceed a specified file size limit from being pushed to the commit.
Properties of max_file_size
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
max_file_size integer 必须The maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS). |
workflows
object 必须Require all changes made to a targeted branch to pass the specified workflows before they can be merged.
Properties of workflows
名称, 类型, 说明 | |||||||||
---|---|---|---|---|---|---|---|---|---|
type string 必须值: | |||||||||
parameters object | |||||||||
Properties of |
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
do_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it. | |||||
workflows array of objects 必须Workflows that must pass for this rule to pass. | |||||
Properties of |
名称, 类型, 说明 |
---|
path string 必须The path to the workflow file |
ref string The ref (branch or tag) of the workflow file to use |
repository_id integer 必须The ID of the repository where the workflow is defined |
sha string The commit SHA of the workflow file to use |
code_scanning
object 必须Choose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.
Properties of code_scanning
名称, 类型, 说明 | |||||||
---|---|---|---|---|---|---|---|
type string 必须值: | |||||||
parameters object | |||||||
Properties of |
名称, 类型, 说明 | ||||
---|---|---|---|---|
code_scanning_tools array of objects 必须Tools that must provide code scanning results for this rule to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
alerts_threshold string 必须The severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts." 可以是以下选项之一: |
security_alerts_threshold string 必须The severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts." 可以是以下选项之一: |
tool string 必须The name of a code scanning tool |
“Create an enterprise repository ruleset”的 HTTP 响应状态代码
状态代码 | 说明 |
---|---|
201 | Created |
404 | Resource not found |
500 | Internal Error |
“Create an enterprise repository ruleset”的示例代码
如果你通过 GHE.com 访问 GitHub,请将 api.github.com
替换为你的企业在 api.SUBDOMAIN.ghe.com
上的专用子域。
请求示例
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/rulesets \
-d '{"name":"super cool ruleset","target":"repository","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"org_name":{"include":["important_org"],"exclude":["unimportant_org"]}},"rules":[{"type":"repository_delete"}]}'
Response
Status: 201
{
"id": 21,
"name": "super cool ruleset",
"target": "repository",
"source_type": "Enterprise",
"source": "my-enterprise",
"enforcement": "active",
"conditions": {
"organization_name": {
"include": [
"important_organization"
]
},
"repository_name": {
"include": [
"~ALL"
]
}
},
"rules": [
{
"type": "repository_delete"
}
],
"node_id": "RRS_lACkVXNlcgQB",
"_links": {
"self": {
"href": "https://api.github.com/enterprises/my-enterprise/rulesets/21"
},
"html": {
"href": "https://github.com/enterprise/my-enterprise/settings/policies/repositories/21"
}
},
"created_at": "2024-08-15T08:43:03Z",
"updated_at": "2024-09-23T16:29:47Z"
}
Get an enterprise repository ruleset
Get a repository ruleset for an enterprise.
Note: To prevent leaking sensitive information, the bypass_actors
property is only returned if the user
making the API request has write access to the ruleset.
“Get an enterprise repository ruleset”的细粒度访问令牌
此端点支持以下精细令牌类型:
精细令牌必须具有以下权限集:
- "Enterprise administration" business permissions (write)
“Get an enterprise repository ruleset”的参数
名称, 类型, 说明 |
---|
accept string Setting to |
名称, 类型, 说明 |
---|
enterprise string 必须The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
ruleset_id integer 必须The ID of the ruleset. |
“Get an enterprise repository ruleset”的 HTTP 响应状态代码
状态代码 | 说明 |
---|---|
200 | OK |
404 | Resource not found |
500 | Internal Error |
“Get an enterprise repository ruleset”的示例代码
如果你通过 GHE.com 访问 GitHub,请将 api.github.com
替换为你的企业在 api.SUBDOMAIN.ghe.com
上的专用子域。
请求示例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/rulesets/RULESET_ID
Response
Status: 200
{
"id": 21,
"name": "super cool ruleset",
"target": "repository",
"source_type": "Enterprise",
"source": "my-enterprise",
"enforcement": "active",
"conditions": {
"organization_name": {
"include": [
"important_organization"
]
},
"repository_name": {
"include": [
"~ALL"
]
}
},
"rules": [
{
"type": "repository_delete"
}
],
"node_id": "RRS_lACkVXNlcgQB",
"_links": {
"self": {
"href": "https://api.github.com/enterprises/my-enterprise/rulesets/21"
},
"html": {
"href": "https://github.com/enterprise/my-enterprise/settings/policies/repositories/21"
}
},
"created_at": "2024-08-15T08:43:03Z",
"updated_at": "2024-09-23T16:29:47Z"
}
Update an enterprise repository ruleset
Update a ruleset for an enterprise.
“Update an enterprise repository ruleset”的细粒度访问令牌
此端点支持以下精细令牌类型:
精细令牌必须具有以下权限集:
- "Enterprise administration" business permissions (write)
“Update an enterprise repository ruleset”的参数
名称, 类型, 说明 |
---|
accept string Setting to |
名称, 类型, 说明 |
---|
enterprise string 必须The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
ruleset_id integer 必须The ID of the ruleset. |
名称, 类型, 说明 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name string The name of the ruleset. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
target string The target of the ruleset 可以是以下选项之一: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
enforcement string The enforcement level of the ruleset. 可以是以下选项之一: | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
bypass_actors array of objects The actors that can bypass the rules in this ruleset | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Properties of |
名称, 类型, 说明 |
---|
actor_id integer or null The ID of the actor that can bypass a ruleset. If |
actor_type string 必须The type of actor that can bypass a ruleset 可以是以下选项之一: |
bypass_mode string When the specified actor can bypass the ruleset. 默认: 可以是以下选项之一: |
conditions
object Conditions for an enterprise ruleset. The conditions object should contain either the organization_id
or organization_name
property and the repository_name
or repository_property
property. For branch and tag rulesets, the conditions object should also contain the ref_name
property.
Can be one of these objects:
名称, 类型, 说明 | ||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_name_and_repository_name object 必须Conditions to target organizations by name and all repositories | ||||||||||||||||||||||||||
Properties of |
名称, 类型, 说明 | ||||
---|---|---|---|---|
organization_name object 必须 | ||||
Properties of |
名称, 类型, 说明 |
---|
include array of strings Array of organization names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of organization names or patterns to exclude. The condition will not pass if any of these patterns match. |
repository_name
object 必须Properties of repository_name
名称, 类型, 说明 |
---|
include array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match. |
protected boolean Whether renaming of target repositories is prevented. |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_name_and_repository_property
object 必须Conditions to target organizations by name and repositories by property
Properties of organization_name_and_repository_property
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_name object 必须 | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
include array of strings Array of organization names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of organization names or patterns to exclude. The condition will not pass if any of these patterns match. |
repository_property
object 必须Properties of repository_property
名称, 类型, 说明 | ||||
---|---|---|---|---|
include array of objects The repository properties and values to include. All of these properties must match for the condition to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
exclude
array of objects The repository properties and values to exclude. The condition will not pass if any of these properties match.
Properties of exclude
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_id_and_repository_name
object 必须Conditions to target organizations by id and all repositories
Properties of organization_id_and_repository_name
名称, 类型, 说明 | ||||
---|---|---|---|---|
organization_id object 必须 | ||||
Properties of |
名称, 类型, 说明 |
---|
organization_ids array of integers The organization IDs that the ruleset applies to. One of these IDs must match for the condition to pass. |
repository_name
object 必须Properties of repository_name
名称, 类型, 说明 |
---|
include array of strings Array of repository names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of repository names or patterns to exclude. The condition will not pass if any of these patterns match. |
protected boolean Whether renaming of target repositories is prevented. |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
organization_id_and_repository_property
object 必须Conditions to target organization by id and repositories by property
Properties of organization_id_and_repository_property
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
organization_id object 必须 | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
organization_ids array of integers The organization IDs that the ruleset applies to. One of these IDs must match for the condition to pass. |
repository_property
object 必须Properties of repository_property
名称, 类型, 说明 | ||||
---|---|---|---|---|
include array of objects The repository properties and values to include. All of these properties must match for the condition to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
exclude
array of objects The repository properties and values to exclude. The condition will not pass if any of these properties match.
Properties of exclude
名称, 类型, 说明 |
---|
name string 必须The name of the repository property to target |
property_values array of strings 必须The values to match for the repository property |
source string The source of the repository property. Defaults to 'custom' if not specified. 可以是以下选项之一: |
ref_name
object Properties of ref_name
名称, 类型, 说明 |
---|
include array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts |
exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
rules
array of objects An array of rules within the ruleset.
Can be one of these objects:
名称, 类型, 说明 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
creation object 必须Only allow users with bypass permission to create matching refs. | |||||||||||||
Properties of |
名称, 类型, 说明 |
---|
type string 必须值: |
update
object 必须Only allow users with bypass permission to update matching refs.
Properties of update
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
update_allows_fetch_and_merge boolean 必须Branch can pull changes from its upstream repository |
deletion
object 必须Only allow users with bypass permissions to delete matching refs.
Properties of deletion
名称, 类型, 说明 |
---|
type string 必须值: |
required_linear_history
object 必须Prevent merge commits from being pushed to matching refs.
Properties of required_linear_history
名称, 类型, 说明 |
---|
type string 必须值: |
merge_queue
object 必须Merges must be performed via a merge queue.
Properties of merge_queue
名称, 类型, 说明 | ||||||||
---|---|---|---|---|---|---|---|---|
type string 必须值: | ||||||||
parameters object | ||||||||
Properties of |
名称, 类型, 说明 |
---|
check_response_timeout_minutes integer 必须Maximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failed |
grouping_strategy string 必须When set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge. 可以是以下选项之一: |
max_entries_to_build integer 必须Limit the number of queued pull requests requesting checks and workflow runs at the same time. |
max_entries_to_merge integer 必须The maximum number of PRs that will be merged together in a group. |
merge_method string 必须Method to use when merging changes from queued pull requests. 可以是以下选项之一: |
min_entries_to_merge integer 必须The minimum number of PRs that will be merged together in a group. |
min_entries_to_merge_wait_minutes integer 必须The time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged. |
required_deployments
object 必须Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.
Properties of required_deployments
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
required_deployment_environments array of strings 必须The environments that must be successfully deployed to before branches can be merged. |
required_signatures
object 必须Commits pushed to matching refs must have verified signatures.
Properties of required_signatures
名称, 类型, 说明 |
---|
type string 必须值: |
pull_request
object 必须Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.
Properties of pull_request
名称, 类型, 说明 | |||||||
---|---|---|---|---|---|---|---|
type string 必须值: | |||||||
parameters object | |||||||
Properties of |
名称, 类型, 说明 |
---|
allowed_merge_methods array of strings When merging pull requests, you can allow any combination of merge commits, squashing, or rebasing. At least one option must be enabled. |
dismiss_stale_reviews_on_push boolean 必须New, reviewable commits pushed will dismiss previous pull request review approvals. |
require_code_owner_review boolean 必须Require an approving review in pull requests that modify files that have a designated code owner. |
require_last_push_approval boolean 必须Whether the most recent reviewable push must be approved by someone other than the person who pushed it. |
required_approving_review_count integer 必须The number of approving reviews that are required before a pull request can be merged. |
required_review_thread_resolution boolean 必须All conversations on code must be resolved before a pull request can be merged. |
required_status_checks
object 必须Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.
Properties of required_status_checks
名称, 类型, 说明 | ||||||||
---|---|---|---|---|---|---|---|---|
type string 必须值: | ||||||||
parameters object | ||||||||
Properties of |
名称, 类型, 说明 | |||
---|---|---|---|
do_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it. | |||
required_status_checks array of objects 必须Status checks that are required. | |||
Properties of |
名称, 类型, 说明 |
---|
context string 必须The status check context name that must be present on the commit. |
integration_id integer The optional integration ID that this status check must originate from. |
strict_required_status_checks_policy
boolean 必须Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.
non_fast_forward
object 必须Prevent users with push access from force pushing to refs.
Properties of non_fast_forward
名称, 类型, 说明 |
---|
type string 必须值: |
commit_message_pattern
object 必须Parameters to be used for the commit_message_pattern rule
Properties of commit_message_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
commit_author_email_pattern
object 必须Parameters to be used for the commit_author_email_pattern rule
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
committer_email_pattern
object 必须Parameters to be used for the committer_email_pattern rule
Properties of committer_email_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
branch_name_pattern
object 必须Parameters to be used for the branch_name_pattern rule
Properties of branch_name_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
tag_name_pattern
object 必须Parameters to be used for the tag_name_pattern rule
Properties of tag_name_pattern
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
type string 必须值: | |||||
parameters object | |||||
Properties of |
名称, 类型, 说明 |
---|
name string How this rule will appear to users. |
negate boolean If true, the rule will fail if the pattern matches. |
operator string 必须The operator to use for matching. 可以是以下选项之一: |
pattern string 必须The pattern to match with. |
file_path_restriction
object 必须Prevent commits that include changes in specified file paths from being pushed to the commit graph.
Properties of file_path_restriction
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
restricted_file_paths array of strings 必须The file paths that are restricted from being pushed to the commit graph. |
max_file_path_length
object 必须Prevent commits that include file paths that exceed a specified character limit from being pushed to the commit graph.
Properties of max_file_path_length
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
max_file_path_length integer 必须The maximum amount of characters allowed in file paths |
file_extension_restriction
object 必须Prevent commits that include files with specified file extensions from being pushed to the commit graph.
Properties of file_extension_restriction
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
restricted_file_extensions array of strings 必须The file extensions that are restricted from being pushed to the commit graph. |
max_file_size
object 必须Prevent commits that exceed a specified file size limit from being pushed to the commit.
Properties of max_file_size
名称, 类型, 说明 | ||
---|---|---|
type string 必须值: | ||
parameters object | ||
Properties of |
名称, 类型, 说明 |
---|
max_file_size integer 必须The maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS). |
workflows
object 必须Require all changes made to a targeted branch to pass the specified workflows before they can be merged.
Properties of workflows
名称, 类型, 说明 | |||||||||
---|---|---|---|---|---|---|---|---|---|
type string 必须值: | |||||||||
parameters object | |||||||||
Properties of |
名称, 类型, 说明 | |||||
---|---|---|---|---|---|
do_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it. | |||||
workflows array of objects 必须Workflows that must pass for this rule to pass. | |||||
Properties of |
名称, 类型, 说明 |
---|
path string 必须The path to the workflow file |
ref string The ref (branch or tag) of the workflow file to use |
repository_id integer 必须The ID of the repository where the workflow is defined |
sha string The commit SHA of the workflow file to use |
code_scanning
object 必须Choose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.
Properties of code_scanning
名称, 类型, 说明 | |||||||
---|---|---|---|---|---|---|---|
type string 必须值: | |||||||
parameters object | |||||||
Properties of |
名称, 类型, 说明 | ||||
---|---|---|---|---|
code_scanning_tools array of objects 必须Tools that must provide code scanning results for this rule to pass. | ||||
Properties of |
名称, 类型, 说明 |
---|
alerts_threshold string 必须The severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts." 可以是以下选项之一: |
security_alerts_threshold string 必须The severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts." 可以是以下选项之一: |
tool string 必须The name of a code scanning tool |
“Update an enterprise repository ruleset”的 HTTP 响应状态代码
状态代码 | 说明 |
---|---|
200 | OK |
404 | Resource not found |
500 | Internal Error |
“Update an enterprise repository ruleset”的示例代码
如果你通过 GHE.com 访问 GitHub,请将 api.github.com
替换为你的企业在 api.SUBDOMAIN.ghe.com
上的专用子域。
请求示例
curl -L \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/rulesets/RULESET_ID \
-d '{"name":"super cool ruleset","target":"repository","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"org_name":{"include":["important_org"],"exclude":["unimportant_org"]}},"rules":[{"type":"repository_delete"}]}'
Response
Status: 200
{
"id": 21,
"name": "super cool ruleset",
"target": "repository",
"source_type": "Enterprise",
"source": "my-enterprise",
"enforcement": "active",
"conditions": {
"organization_name": {
"include": [
"important_organization"
]
},
"repository_name": {
"include": [
"~ALL"
]
}
},
"rules": [
{
"type": "repository_delete"
}
],
"node_id": "RRS_lACkVXNlcgQB",
"_links": {
"self": {
"href": "https://api.github.com/enterprises/my-enterprise/rulesets/21"
},
"html": {
"href": "https://github.com/enterprise/my-enterprise/settings/policies/repositories/21"
}
},
"created_at": "2024-08-15T08:43:03Z",
"updated_at": "2024-09-23T16:29:47Z"
}
Delete an enterprise repository ruleset
Delete a ruleset for an enterprise.
“Delete an enterprise repository ruleset”的细粒度访问令牌
此端点支持以下精细令牌类型:
精细令牌必须具有以下权限集:
- "Enterprise administration" business permissions (write)
“Delete an enterprise repository ruleset”的参数
名称, 类型, 说明 |
---|
accept string Setting to |
名称, 类型, 说明 |
---|
enterprise string 必须The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
ruleset_id integer 必须The ID of the ruleset. |
“Delete an enterprise repository ruleset”的 HTTP 响应状态代码
状态代码 | 说明 |
---|---|
204 | No Content |
404 | Resource not found |
500 | Internal Error |
“Delete an enterprise repository ruleset”的示例代码
如果你通过 GHE.com 访问 GitHub,请将 api.github.com
替换为你的企业在 api.SUBDOMAIN.ghe.com
上的专用子域。
请求示例
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/rulesets/RULESET_ID
Response
Status: 204