From a5c27f4dc8b379420ba657cd7a47b7956cfdc8b0 Mon Sep 17 00:00:00 2001
From: CaiqueSF <caiquedesousaferreira@gmail.com>
Date: Sat, 9 Aug 2025 20:00:52 -0300
Subject: [PATCH] fix: workflows | codeowners

---
 .github/CODEOWNERS                          |  3 +++
 .github/workflows/branch_protection.yml     | 29 +++++++++++++++++++++
 .github/workflows/deploy.yml                | 18 ++++++-------
 .github/workflows/pull_request_workflow.yml | 15 +++++++++++
 4 files changed, 56 insertions(+), 9 deletions(-)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/workflows/branch_protection.yml
 create mode 100644 .github/workflows/pull_request_workflow.yml

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..23eafec
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,3 @@
+# Todos os arquivos YAML exigem aprovação sua
+*.yml @CaiqueSF
+*.yaml @CaiqueSF
diff --git a/.github/workflows/branch_protection.yml b/.github/workflows/branch_protection.yml
new file mode 100644
index 0000000..14d4f6e
--- /dev/null
+++ b/.github/workflows/branch_protection.yml
@@ -0,0 +1,29 @@
+name: Configure Branch Protection
+
+on:
+    push:
+        branches:
+            - main
+
+jobs:
+    protect-branch:
+        runs-on: ubuntu-latest
+
+        steps:
+            - name: Set branch protection
+              run: |
+                  curl -X PUT -H "Authorization: token ${{ secrets.PAT_GITHUB }}" \
+                      -H "Accept: application/vnd.github.v3+json" \
+                      https://api.github.com/repos/${{ github.repository }}/branches/main/protection \
+                      -d '{
+                        "required_pull_request_reviews": {
+                          "required_approving_review_count": 1,
+                          "require_code_owner_reviews": true
+                        },
+                        "enforce_admins": true,
+                        "restrictions": {
+                          "users": ["CaiqueSF"],
+                          "teams": []
+                        },
+                        "required_status_checks": null
+                      }'
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index fabadbb..7ea3d2c 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,15 +1,15 @@
 name: Pull Request Workflow
 
 on:
-  pull_request:
-    types: [closed]
+    pull_request:
+        types: [closed]
 
 jobs:
-  deploy-main:
-    runs-on: ubuntu-latest
+    deploy-main:
+        runs-on: ubuntu-latest
 
-    steps:
-    - uses: actions/checkout@v2
-    - name: Check if PR was merged
-      if: github.event.pull_request.merged == true
-      run: echo "Pull request was merged!"
+        steps:
+            - uses: actions/checkout@v2
+            - name: Check if PR was merged
+              if: github.event.pull_request.merged == true
+              run: echo "Pull request was merged!"
diff --git a/.github/workflows/pull_request_workflow.yml b/.github/workflows/pull_request_workflow.yml
new file mode 100644
index 0000000..e9498ca
--- /dev/null
+++ b/.github/workflows/pull_request_workflow.yml
@@ -0,0 +1,15 @@
+name: Pull Request Workflow
+
+on:
+    pull_request:
+        types: [closed]
+
+jobs:
+    pull-request-workflow:
+        runs-on: ubuntu-latest
+
+        steps:
+            - uses: actions/checkout@v2
+            - name: Check if PR was merged into main
+              if: github.event.pull_request.merged == true && github.event.pull_request.base.ref == 'main'
+              run: echo "Pull request foi mesclado na branch main!"