Category-Contribution/Support
Class-Pattern
Class-Resource
Language-Terraform
Lifecycle-BAU
Persona-Contributor
Persona-Owner
Severity-MUST
Type-NonFunctional
Validation-TBD

TFNFR3 - GitHub Repo Branch Protection

ID: TFNFR3 - Category: Contribution/Support - GitHub Repo Branch Protection

Module owners MUST set a branch protection policy on their GitHub Repositories for AVM modules against their default branch, typically main, to do the following:

Requires a Pull Request before merging
Require approval of the most recent reviewable push
Dismiss stale pull request approvals when new commits are pushed
Require linear history
Prevents force pushes
Not allow deletions
Require CODEOWNERS review
Do not allow bypassing the above settings
Above settings MUST also be enforced to administrators

Tip

If you use the template repository as mentioned in the contribution guide, the above will automatically be set.