turbot/github_sherlock
GitHub
Loading controls...

Control: Default branch requires pull request reviews before merging in each private repository

Description

Pull request reviews help improve quality of commits into the default branch.

Usage

Run the control in your terminal:

steampipe check github_sherlock.control.private_repo_default_branch_requires_pull_request_reviews

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_sherlock.control.private_repo_default_branch_requires_pull_request_reviews

Plugins & Tables

SQL

select
url as resource,
case
when (default_branch_ref -> 'branch_protection_rule') is null then 'info'
when (
default_branch_ref -> 'branch_protection_rule' ->> 'requires_approving_reviews'
) = 'true' then 'ok'
else 'alarm'
end as status,
name_with_owner || ' default branch ' || (default_branch_ref ->> 'name') || case
when (default_branch_ref -> 'branch_protection_rule') is null then ' branch protection rule unknown.'
when (
default_branch_ref -> 'branch_protection_rule' ->> 'requires_approving_reviews'
) = 'true' then ' requires pull request reviews.'
else ' does not require pull request reviews.'
end as reason,
name_with_owner
from
github_my_repository
where
visibility = 'PRIVATE'
and is_fork = false

Tags