From 187a9ba588bb6c84d90f8a7ae8b4e45b7f07d55d Mon Sep 17 00:00:00 2001
From: CaiqueSF <caiquedesousaferreira@gmail.com>
Date: Sat, 9 Aug 2025 20:41:11 -0300
Subject: [PATCH] fix: secrets.GITHUB_TOKEN

---
 .github/CODEOWNERS                      |  3 +++
 .github/workflows/branch_protection.yml | 31 +++++++++++++++++++++++++
 .github/workflows/deploy.yml            | 22 +++++++++---------
 3 files changed, 45 insertions(+), 11 deletions(-)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/workflows/branch_protection.yml

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..23eafec
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,3 @@
+# Todos os arquivos YAML exigem aprovação sua
+*.yml @CaiqueSF
+*.yaml @CaiqueSF
diff --git a/.github/workflows/branch_protection.yml b/.github/workflows/branch_protection.yml
new file mode 100644
index 0000000..84059f8
--- /dev/null
+++ b/.github/workflows/branch_protection.yml
@@ -0,0 +1,31 @@
+name: Configure Branch Protection
+
+on:
+    push:
+        branches: [main]
+
+jobs:
+    protect-branch:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Set branch protection
+              run: |
+                  curl -X PUT -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+                    -H "Accept: application/vnd.github.v3+json" \
+                    "https://api.github.com/repos/${{ github.repository }}/branches/main/protection" \
+                    -d '{
+                      "required_pull_request_reviews": {
+                        "required_approving_review_count": 1,
+                        "require_code_owner_reviews": true,
+                        "dismiss_stale_reviews": true
+                      },
+                      "enforce_admins": true,
+                      "restrictions": {
+                        "users": ["CaiqueSF"],
+                        "teams": []
+                      },
+                      "required_status_checks": null,
+                      "required_linear_history": true,
+                      "allow_force_pushes": false,
+                      "allow_deletions": false
+                    }'
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index fabadbb..f9af4de 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,15 +1,15 @@
-name: Pull Request Workflow
+name: Deploy Main
 
 on:
-  pull_request:
-    types: [closed]
+    workflow_dispatch:
+    pull_request:
+        types: [closed]
 
 jobs:
-  deploy-main:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: Check if PR was merged
-      if: github.event.pull_request.merged == true
-      run: echo "Pull request was merged!"
+    deploy-main:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+            - name: Manual Deploy
+              if: github.event.pull_request.merged == true
+              run: echo "🚀 Deploy finalizado com sucesso"