I need to set up GitHub so that several collaborators can all check out to a branch, check in that branch, and request to merge it into master. But only I can approve that merge.
I've read several posts on this (here & here among others) but all seem to be either very complex (and overridable since collaborators can change the text files of any actions enforcing this) or not exactly this.
So, is there a straightforward secure way to accomplish this?
thanks - dave
You can use CODEOWNERS as outlined in this answer. The version of CODEOWNERS used is the version on the destination branch (that is, master), not the source branch.
Certainly it's possible that collaborators can change the text file, but of course you will not approve such a change, and it will be rejected. You'll need to protect master, require a single code owner approval, and require a PR to merge the branch.
You can specify both a team and individual users in the CODEOWNERS file, so if you use a team consisting of just you, you could decide in the future to temporarily add another party to the team if you went on vacation and wanted to delegate the responsibility to someone else. Or you could not, and just leave it until you get back.
