IBM DevSecOps Reference Implementation - CI Pull Request

Before developers can push their code into 'main', security checks need to pass and approvals need to be done first.

Step 1: A developer creates a new version of README.md in the backend repo. The change is done in a developer branch.

Step 2: The developer creates a pull request.

Step 3: Before the pull request can be merged, security checks are performed via the 'backend pr-pipeline'.

Step 4: After the security checks have passed, an approval from a second developer is required.

Step 5: The second developer approves the pull request.

Step 6: The pull request can now be merged.

Next: When the pull request has been merged, it triggers the CI pipeline .