Limit write deploy keys to specific branches

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Description

Currently, read-write deploy keys are given write access to the entire repository. This makes them less useful for integrations that should only push to specific branches when compared to a user as preventing pushing to other branches relies on business processes rather than being enforced.

Proposal

When adding a write-enabled deploy key, provide an option to limit it to a subset of branch(es) using the same regex/exact match as with protected branches.

Links / references