Skip to content
Latchkey

How to Configure Branch Protection Rules per Strategy

Branch protection turns a strategy into a guarantee: it blocks merges to protected branches until required checks and reviews pass.

Which branches you protect follows your strategy. Trunk-based and GitHub Flow protect main. GitFlow also protects develop and main. GitLab Flow protects environment branches. Configure required checks and reviews with the gh CLI or a ruleset.

Steps

  • Identify the branches that must always be releasable for your strategy.
  • Require the CI status check to pass before merge.
  • Require at least one approving review and dismiss stale approvals on new pushes.
  • Enforce linear history if you rely on rebase or squash merges.

Configure with the gh CLI

Terminal
gh api -X PUT repos/OWNER/REPO/branches/main/protection \
  -f "required_status_checks[strict]=true" \
  -f "required_status_checks[contexts][]=verify" \
  -f "enforce_admins=true" \
  -F "required_pull_request_reviews[required_approving_review_count]=1" \
  -f "restrictions=null"

Gotchas

  • Protecting too many branches slows small teams; protect only what must stay green.
  • A required check that can be skipped by a path filter blocks merges; add a placeholder job.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →