feat: Add GitHub branch protection JSON configurations

- Add main-branch-protection.json for simple main branch protection
- Add github-repository-rules.json for comprehensive repository rules
- Add github-branch-protection.json for basic branch protection
- Provide multiple JSON options for different GitHub features
- Ready to upload to GitHub repository settings

Author: adrian207

EJBCA---Automated-Lab-Docker/github-branch-protection.json

@@ -0,0 +1,34 @@
+{
+  "name": "EJBCA Automated Lab Repository Rules",
+  "target": "branch",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "include": ["main", "develop"]
+    }
+  },
+  "parameters": {
+    "required_status_checks": {
+      "strict": true,
+      "contexts": [
+        "branch-protection-check",
+        "terraform-validate",
+        "security-scanning",
+        "kubernetes-deploy",
+        "ansible-lint"
+      ]
+    },
+    "dismiss_stale_reviews_on_push": true,
+    "require_code_owner_reviews": true,
+    "required_approving_review_count": 2,
+    "require_last_push_approval": true,
+    "required_linear_history": true,
+    "allow_force_pushes": false,
+    "allow_deletions": false,
+    "block_creations": false,
+    "required_conversation_resolution": true,
+    "require_signed_commits": true,
+    "lock_branch": false,
+    "allow_fork_syncing": true
+  }
+}

EJBCA---Automated-Lab-Docker/github-repository-rules.json

@@ -0,0 +1,173 @@
+{
+  "rules": [
+    {
+      "name": "Main Branch Protection",
+      "target": "branch",
+      "enforcement": "active",
+      "conditions": {
+        "ref_name": {
+          "include": ["main"]
+        }
+      },
+      "parameters": {
+        "required_status_checks": {
+          "strict": true,
+          "contexts": [
+            "branch-protection-check",
+            "terraform-validate",
+            "security-scanning",
+            "kubernetes-deploy",
+            "ansible-lint"
+          ]
+        },
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_reviews": true,
+        "required_approving_review_count": 2,
+        "require_last_push_approval": true,
+        "required_linear_history": true,
+        "allow_force_pushes": false,
+        "allow_deletions": false,
+        "block_creations": false,
+        "required_conversation_resolution": true,
+        "require_signed_commits": true,
+        "lock_branch": false,
+        "allow_fork_syncing": true
+      }
+    },
+    {
+      "name": "Develop Branch Protection",
+      "target": "branch",
+      "enforcement": "active",
+      "conditions": {
+        "ref_name": {
+          "include": ["develop"]
+        }
+      },
+      "parameters": {
+        "required_status_checks": {
+          "strict": true,
+          "contexts": [
+            "branch-protection-check",
+            "terraform-validate",
+            "security-scanning"
+          ]
+        },
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_reviews": false,
+        "required_approving_review_count": 1,
+        "require_last_push_approval": false,
+        "required_linear_history": false,
+        "allow_force_pushes": false,
+        "allow_deletions": true,
+        "block_creations": false,
+        "required_conversation_resolution": true,
+        "require_signed_commits": false,
+        "lock_branch": false,
+        "allow_fork_syncing": true
+      }
+    },
+    {
+      "name": "Feature Branch Rules",
+      "target": "branch",
+      "enforcement": "active",
+      "conditions": {
+        "ref_name": {
+          "include": ["feat/*", "feature/*", "bugfix/*", "hotfix/*"]
+        }
+      },
+      "parameters": {
+        "required_status_checks": {
+          "strict": true,
+          "contexts": [
+            "branch-protection-check",
+            "terraform-validate"
+          ]
+        },
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_reviews": false,
+        "required_approving_review_count": 1,
+        "require_last_push_approval": false,
+        "required_linear_history": false,
+        "allow_force_pushes": false,
+        "allow_deletions": true,
+        "block_creations": false,
+        "required_conversation_resolution": true,
+        "require_signed_commits": false,
+        "lock_branch": false,
+        "allow_fork_syncing": true
+      }
+    },
+    {
+      "name": "Pull Request Rules",
+      "target": "pull_request",
+      "enforcement": "active",
+      "conditions": {
+        "ref_name": {
+          "include": ["main", "develop"]
+        }
+      },
+      "parameters": {
+        "required_approving_review_count": 2,
+        "dismiss_stale_reviews_on_push": true,
+        "require_code_owner_reviews": true,
+        "require_last_push_approval": true,
+        "required_linear_history": true,
+        "required_conversation_resolution": true
+      }
+    },
+    {
+      "name": "Commit Message Rules",
+      "target": "tag",
+      "enforcement": "active",
+      "conditions": {},
+      "parameters": {
+        "pattern": "^(feat|fix|docs|style|refactor|test|chore|ci|build|perf|revert)(\\(.+\\))?: .{1,50}",
+        "operator": "regex"
+      }
+    },
+    {
+      "name": "Terraform Files Protection",
+      "target": "path",
+      "enforcement": "active",
+      "conditions": {
+        "ref_name": {
+          "include": ["main", "develop"]
+        }
+      },
+      "parameters": {
+        "rules": [
+          {
+            "name": "Terraform files require review",
+            "paths": {
+              "include": ["terraform/**"]
+            },
+            "required_approving_review_count": 2,
+            "require_code_owner_reviews": true
+          },
+          {
+            "name": "Security-sensitive files",
+            "paths": {
+              "include": [
+                "**/*secret*",
+                "**/*key*",
+                "**/*password*",
+                "**/*credential*",
+                "**/*token*"
+              ]
+            },
+            "required_approving_review_count": 2,
+            "require_code_owner_reviews": true
+          },
+          {
+            "name": "Documentation changes",
+            "paths": {
+              "include": ["docs/**", "*.md"]
+            },
+            "required_approving_review_count": 1,
+            "require_code_owner_reviews": false
+          }
+        ]
+      }
+    }
+  ]
+}

EJBCA---Automated-Lab-Docker/main-branch-protection.json

@@ -0,0 +1,34 @@
+{
+  "name": "Main Branch Protection",
+  "target": "branch",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "include": ["main"]
+    }
+  },
+  "parameters": {
+    "required_status_checks": {
+      "strict": true,
+      "contexts": [
+        "branch-protection-check",
+        "terraform-validate",
+        "security-scanning",
+        "kubernetes-deploy",
+        "ansible-lint"
+      ]
+    },
+    "dismiss_stale_reviews_on_push": true,
+    "require_code_owner_reviews": true,
+    "required_approving_review_count": 2,
+    "require_last_push_approval": true,
+    "required_linear_history": true,
+    "allow_force_pushes": false,
+    "allow_deletions": false,
+    "block_creations": false,
+    "required_conversation_resolution": true,
+    "require_signed_commits": true,
+    "lock_branch": false,
+    "allow_fork_syncing": true
+  }
+}