chore(branch-protection): allow actions + moko-deploy bots on protected branches #334

Merged
jmiller merged 1 commits from chore/branch-protection-bot-allowlist into main 2026-07-04 23:23:07 +00:00

1 Commits

Author SHA1 Message Date
jmiller e99881ad65 chore(branch-protection): allow actions + moko-deploy bots on protected branches
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 19s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 2s
Generic: Repo Health / Access control (pull_request) Successful in 3s
Universal: PR Check / Validate PR (pull_request) Failing after 10s
Universal: PR Check / Secret Scan (pull_request) Successful in 14s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 41s
Platform: mokocli CI / Gate 1: Code Quality (pull_request) Successful in 2m0s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 13m47s
Platform: mokocli CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Platform: mokocli CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Platform: mokocli CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Platform: mokocli CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Platform: mokocli CI / Gate 4: Governance (pull_request) Has been cancelled
Platform: mokocli CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Platform: mokocli CI / CI Summary (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
Adds the automation identities to the branch-protection rule definitions so
release automation can operate on protected branches:
- all rules: push_whitelist_actions_user=true + moko-deploy in push whitelist
- dev, rc: enable force-push for the bots so dev can be reset to main via a
  single `git push --force origin main:dev` (delete+recreate cannot work on a
  protected branch)
- main keeps force-push disabled

moko-deploy needs org-team write access to take effect (mcp-mokogitea-api#30).
Unblocks the dev-sync + version-persist fixes (Template-Generic#53).

Claude-Session: https://claude.ai/code/session_01WbGBN9VyRK61zczYWcCQ2i
2026-07-04 18:21:50 -05:00