You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
> Copilot: run these command-line commands (do not use manual UI-only setup) to create environments and configure protection rules.
242
281
282
+
**On macOS/Linux (Bash):**
243
283
\`\`\`bash
284
+
${ghEnvironmentSetupCmds}
285
+
\`\`\`
286
+
287
+
**On Windows (PowerShell):**
288
+
\`\`\`powershell
244
289
${config.environments.map((env)=>
245
-
`# Create the ${env} environment (requires GitHub CLI)
246
-
gh api --method PUT "repos/\${GITHUB_ORG}/\${GITHUB_REPO}/environments/${env}"`
290
+
`# ${env} environment: create + baseline protection via GitHub API
291
+
@'
292
+
{
293
+
"wait_timer": 0,
294
+
"prevent_self_review": true,
295
+
"deployment_branch_policy": {
296
+
"protected_branches": false,
297
+
"custom_branch_policies": true
298
+
}
299
+
}
300
+
'@ | Set-Content -Path env-${env}-config.json
301
+
302
+
gh api --method PUT "repos/\${GITHUB_ORG}/\${GITHUB_REPO}/environments/${env}" --input env-${env}-config.json
303
+
304
+
# Restrict deployments to main branch
305
+
gh api --method POST "repos/\${GITHUB_ORG}/\${GITHUB_REPO}/environments/${env}/deployment-branch-policies" -f name='main' -f type='branch'
306
+
307
+
# Optional: require deployment approval reviewers (replace IDs with your approver IDs)
308
+
# Resolve a user ID: gh api "users/<github-login>" --jq .id
309
+
@'
310
+
{
311
+
"wait_timer": 0,
312
+
"prevent_self_review": true,
313
+
"reviewers": [
314
+
{ "type": "User", "id": 12345678 }
315
+
],
316
+
"deployment_branch_policy": {
317
+
"protected_branches": false,
318
+
"custom_branch_policies": true
319
+
}
320
+
}
321
+
'@ | Set-Content -Path env-${env}-reviewers.json
322
+
323
+
gh api --method PUT "repos/\${GITHUB_ORG}/\${GITHUB_REPO}/environments/${env}" --input env-${env}-reviewers.json`
247
324
).join('\n\n')}
248
325
\`\`\`
249
326
327
+
> Rerun note: environment PUT calls are idempotent, but branch-policy creation can return "already exists" on reruns after the first successful create; treat that as expected when main is already configured.
328
+
329
+
> If reviewer configuration is restricted by repository plan/policy, keep environment creation and branch-policy commands in CLI and apply required reviewers using the same API payload once policy allows it.
0 commit comments