Enforce Passing GuardRails Checks

Once GuardRails has been setup in your VCS, you can enforce passing checks to allow merging of PR/MRs.

Table of Contents

• Table of Contents
• GitHub
• GitLab
• Bitbucket

GitHub

On GitHub you can setup branch protection rules for each repository by browsing to "Settings"->"Branches". There select guardrails/scan in the section "Requires status checks to pass before merging".

More information:

• Configuring Protected Branches
• GH Enterprise - Configuring Protected Branches

GitLab

On GitLab you configure the merge checks behavior. Follow these steps:

1. Navigate to your project’s Settings > General page.
2. Expand the Merge requests section.
3. In the Merge checks subsection, select the Pipelines must succeed checkbox.
4. Press Save for the changes to take effect.

More information:

• Allow Merge Requests to be merged if pipeline succeeds
• Pipelines for Merge Requests

Bitbucket

Under the specific repository that you would like to enforce a branch rest, go to branch restrictions to open the Add a branch restriction dialog box.

Change the branch restrictions to the following options:

Once added the rule should appear as below in the branch restrictions page.

Once this is done, this will add a merge check to the pipeline. This merge check will fail if GuardRails detects a vulnerability.

Because the merge check fails, a repository contributor will not be able to merge the pull request.

Repository admins who will also be blocked from merging as long as the pipeline is failing.