LinuxCommandLibrary

gh-ruleset

Manage GitHub repository rulesets

TLDR

List all rulesets for the current repository

$ gh [[rs|ruleset]] [[ls|list]]
copy

List all rulesets for a specific organization
$ gh [[rs|ruleset]] [[ls|list]] [[-o|--org]] [organization_name]
copy

Check the rules that apply to the current branch
$ gh [[rs|ruleset]] check
copy

Check the rules that apply to a specific branch in another repository
$ gh [[rs|ruleset]] check [branch_name] [[-R|--repo]] [owner]/[repository]
copy

Interactively select and view a ruleset for the current repository
$ gh [[rs|ruleset]] view
copy

View a specific ruleset by its ID
$ gh [[rs|ruleset]] view [ruleset_id]
copy

View an organization-level ruleset by its ID
$ gh [[rs|ruleset]] view [ruleset_id] [[-o|--org]] [organization_name]
copy

Open the list of rulesets for a specific repository in the browser
$ gh [[rs|ruleset]] [[ls|list]] [[-R|--repo]] [owner]/[repository] [[-w|--web]]
copy

SYNOPSIS

gh ruleset <command> [<flags>]
where <command> is one of: create|delete|list|view

PARAMETERS

--repo [HOST/]OWNER/REPO
    Operate on a specific repository

--help
    Show help for command

create
    Create a new ruleset

--name <string>
    Name of the ruleset (create)

--enforcement <active|disabled|audit>
    Enforcement status (create)

--target <branch|tag|pull_request>
    Target for rules (create)

--source <string>
    Source type filter (list/create)

--bypass-actors <@user|@team|@role,...>
    Actors who bypass rules (create)

--allow <rule1,rule2,...>
    Allow rules like 'statuses', 'merge_queue' (create)

--require <rule1,rule2,...>
    Require rules like 'code_owners', 'approvals' (create)

--block <rule1,rule2,...>
    Block rules like 'pushes', 'non_fast_forwards' (create)

delete <ID|NAME>
    Delete ruleset by ID or name

list
    List rulesets for repo/org

--limit <int>
    Maximum number to list (default 30)

view <ID|NAME>
    View details of a ruleset

--json <fields>
    Output as JSON (list/view)

--jq <expression>
    Filter JSON with jq

--template <string>
    Format output with Go template

DESCRIPTION

The gh ruleset command, part of the GitHub CLI (gh), enables users to create, view, list, and delete rulesets for GitHub repositories and organizations. Rulesets are powerful policy enforcement tools introduced by GitHub to standardize rules like branch protections, required status checks, code owners, reviewer requirements, and custom workflows across repositories or org-wide.

Rulesets support conditions based on branches, tags, pull requests, or blobs, with enforcement levels: active, disabled, or audit. They bypass actors (users/teams/roles) can be specified for flexibility. This command is essential for repository admins automating governance, CI/CD pipelines, and compliance.

Usage requires GitHub authentication via gh auth login with appropriate permissions (e.g., admin:repo_ruleset). Output supports JSON for scripting. Subcommands provide granular control, making it a key tool for DevOps and security teams managing GitHub environments at scale.

CAVEATS

Requires gh auth login and admin:repo_ruleset or org:write permissions. Not all rules available in all contexts (e.g., enterprise vs. repo). JSON fields must match API schema. Experimental in early versions.

EXAMPLES

gh ruleset create --name 'Require reviews' --target pull_request --require 'approvals: {required_count: 2}'
gh ruleset list --repo owner/repo --limit 10 --json id,name
gh ruleset view 123 --jq '.rules'

RULES REFERENCE

Common rules: statuses, approvals, code_owners, signature. Full list in GitHub docs (link omitted). Use --help for details.

HISTORY

Introduced in GitHub CLI v2.20.0 (May 2023) with GitHub's rulesets beta feature, evolving from branch protections. Matured in v2.25+ with full rule support. Tracks GitHub Enterprise ruleset API.

SEE ALSO

gh(1), gh-repo(1), gh-branch-protection(1), git(1)

Copied to clipboard