Skip to content

Update repository-setup.md for single ruleset design#75

Open
hdamker wants to merge 4 commits intocamaraproject:release-automationfrom
hdamker:71-repository-setup
Open

Update repository-setup.md for single ruleset design#75
hdamker wants to merge 4 commits intocamaraproject:release-automationfrom
hdamker:71-repository-setup

Conversation

@hdamker
Copy link
Contributor

@hdamker hdamker commented Feb 17, 2026
edited
Loading

What type of PR is this?

  • documentation

What this PR does / why we need it:

Updates repository-setup.md to reflect the consolidated ruleset design:

  • Consolidates 3 rulesets into 1 combined release-snapshot-protection ruleset
  • Updates bypass actor from GitHub Actions to camara-release-automation GitHub App
  • Documents required_reviewers for the release-management_reviewers team with 2 required approvals
  • Updates CODEOWNERS guidance: legacy /CHANGELOG.md lines are removed by the onboarding campaign, RM reviewer enforcement moves to the ruleset
  • Updates verification checklist to match the single-ruleset design

The canonical ruleset has been created manually in Template_API_Repository (ID: 12904446) and this document matches it exactly.

Which issue(s) this PR fixes:

Fixes #71

Special notes for reviewers:

The JSON payload in the document was extracted from the actual ruleset in Template_API_Repository. The required_reviewers field is a beta feature in the GitHub Rulesets API but is functional and available in the UI.

Changelog input

 release-note
Define API repository setup documentation for release automation (single ruleset with GitHub App bypass and required reviewers)

Additional documentation

This section can be blank.

docs

@hdamker
Update repository-setup.md for single ruleset design (fixes camarapro…
79356d3 
…ject#71)

Consolidate 3 rulesets into 1 combined release-snapshot-protection ruleset
with GitHub App bypass, 2 required approvals, and required_reviewers for
the release-management_reviewers team. Update CODEOWNERS guidance to reflect
removal of legacy /CHANGELOG.md lines. Update verification checklist.
@hdamker hdamker mentioned this pull request Feb 17, 2026
Open
@hdamker hdamker requested a review from tanjadegroot February 17, 2026 14:26
@hdamker
Copy link
Contributor Author

hdamker commented Feb 17, 2026
edited
Loading

@tanjadegroot @Kevsy @rartych @albertoramosmonagas this documentation of the needed setup within an API Repository for the Release Automation is worth a review (the resulting file, not the changes).

Note: The setup will be done by the campaign and script described in camaraproject/project-administration#132 camaraproject/project-administration#133 (and for new repositories via the Template_API_Repository).

ReleaseTest repo to come.

Kevsy
Kevsy reviewed Feb 17, 2026
View reviewed changes
release_automation/docs/repository-setup.md Outdated
Copy link
Contributor

@Kevsy Kevsy Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'four-eyes' is ambiguous - if taken the same way as 'five eyes' in national security terminology, it could be interpreted as meaning four people. If it means two distinct people, then I suggest:

Suggested change
- Required approvals: 2 (enforces four-eyes review even if a person is in both codeowner and RM reviewer teams)
- Required approvals: 2 (enforces two-person review in case a codeowner is also part of the RM reviewer team)

Copy link
Contributor Author

@hdamker hdamker Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Replaced with:

- Required approvals: 2 (ensures two distinct people must approve, even if a person is in both codeowner and RM reviewer teams)

@hdamker
Clarify approval requirement wording in repository-setup.md
6b47364 
Replace ambiguous "four-eyes review" with explicit "two distinct
people must approve" per PR review feedback.
@hdamker hdamker mentioned this pull request Feb 17, 2026
Open
6 tasks
@hdamker
Keep CHANGELOG.md CODEOWNERS lines during onboarding
3c57709 
Revert D-008: keep /CHANGELOG.md and /CHANGELOG.MD lines in
CODEOWNERS to prevent unreviewed changes to the legacy changelog
file during Phase 1 migration. RM reviewer assignment on snapshot
branches is additionally enforced via ruleset required_reviewers.
@hdamker
docs: update CHANGELOG onboarding behavior for template detection
d449a4a 
Document 3-way CHANGELOG.md handling: unchanged template placeholders
are deleted, repos with real content get forward-reference notes, and
repos without CHANGELOG.md get a fresh index. Update verification
checklist accordingly.
@hdamker hdamker requested a review from Kevsy February 18, 2026 20:58
tanjadegroot
tanjadegroot approved these changes Feb 19, 2026
View reviewed changes
Copy link

@tanjadegroot tanjadegroot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks great !

/LGTM

@tanjadegroot
Copy link

tanjadegroot commented Feb 19, 2026

One after review thought: who should apply/check the repo configuration and when ?
maybe add that in the beginning of the doc ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tanjadegroot tanjadegroot tanjadegroot approved these changes

@rartych rartych Awaiting requested review from rartych rartych is a code owner

@Kevsy Kevsy Awaiting requested review from Kevsy Kevsy is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hdamker @tanjadegroot @Kevsy

Comments