WIP Branch protection

config.yml

@@ -70,7 +70,6 @@ steps:
     event: pull_request.closed
     link: '{{ repoUrl }}/pull/3'
     actions:
-      - type: updateBranchProtection
       - type: gate
         left: '%payload.pull_request.merged%'
         else:
@@ -82,6 +81,20 @@ steps:
             number: '%payload.repository.pull_request.number%'
           - type: respond
             with: 03_accidental-close.md
+      - type: open issue
+        action_id: new_issue
+        with: 04_enable-branch-protection.md
+        title: Enable branch protection
+      - type: respond
+        with:  04_next-branch-protections.md
+        data:
+          url: '%actions.new_issue.data.html_url%'
+
+  - title: Enable protected branches
+    description: Protected the master branch in this repository
+    event:  # user enables protected branches
+    link: '{{ repoUrl }}/issue/4'
+    actions:
       - type: createPullRequest
         title: Add a `.gitignore` file
         body: 04b_add-gitignore.md
@@ -91,11 +104,13 @@ steps:
         with: 04a_good-merge.md
         data:
           url: '%actions.new_pr.data.html_url%'
+      - type: closeIssue
+        issue: 4
 
   - title: Add to the `.gitignore` file
     description: The `.gitignore` file is ready to be edited in an open pull request. Add the `.env` file to the `.gitignore` file.
     event: pull_request.synchronize
-    link: '{{ repoUrl }}/pull/4'
+    link: '{{ repoUrl }}/pull/5'
     actions:
       - type: getFileContents
         action_id: fileContents
@@ -114,7 +129,7 @@ steps:
   - title: Merge the pull request
     description: Merge the second pull request with updates to the `.gitignore` file
     event: pull_request.closed
-    link: '{{ repoUrl }}/pull/4'
+    link: '{{ repoUrl }}/pull/5'
     actions:
       - type: gate
         left: '%payload.pull_request.merged%'

responses/04_enable-branch-protection.md

@@ -0,0 +1,11 @@
+## Enable branch protection
+
+Protected branches ensure that the code getting merged meets certain requirements. This could be things like passing tests, or making sure that users authenticate how you'd like them to.
+
+### :keyboard: Activity: Enable protected branches
+1. Click **Settings** on the top navigation bar in this repository
+1. On the left hand side, click **Branches**
+1. Next to the the "Branch protection rules" header, click the grey **Add rule** button
+1. Apply the rule to `master`
+1. Check the boxes for **Require pull request reviews before merging** and **Include administrators**
+1. Look through the settings, and choose any other options you'd like

responses/04_next-branch-protections.md

@@ -0,0 +1,4 @@
+Nice job merging @{{ user.username }}. Go ahead and delete the branch.
+
+<hr>
+<h3 align="center">Let's learn about protected branches <a href="{{ url }}">next issue</a>!</h3>

responses/04a_good-merge.md

@@ -1,4 +1,4 @@
-Nice job merging @{{ user.username }}. Go ahead and delete the branch.
+Nice work, you've protected the `master` branch and brought your repository one step closer to being more secure.
 
 <hr>
 <h3 align="center">Let's learn about <code>.gitignore</code> files in the <a href="{{ url }}">next pull request</a>!</h3>