IBM DevSecOps Reference Implementation - CI Pull Request¶
Before developers can push their code into 'main', security checks need to pass and approvals need to be done first.
Step 1: A developer creates a new version of README.md in the backend repo. The change is done in a developer branch.¶
Step 2: The developer creates a pull request.¶
Step 3: Before the pull request can be merged, security checks are performed via the 'backend pr-pipeline'.¶
Step 4: After the security checks have passed, an approval from a second developer is required.¶
Step 5: The second developer approves the pull request.¶
Step 6: The pull request can now be merged.¶