Default branch health and merge guardrails

We are using Spacelift’s merge then apply model, where plans run on PRs and then a tracked run applies on the default branch after merge. Our main concern is what happens when that apply on main fails. At that point the default branch is effectively broken, but other teams can still merge on top of it, which is risky for us as a crypto exchange.

We would like Spacelift to have a clear concept of “default branch health” per stack, for example: healthy, waiting for confirmation, or failing. That state should be visible in the Spacelift UI and, ideally, exposed back to GitHub as a status check or automated comment on open PRs. We’d like a “warn only” mode, where merges are still allowed but clearly flagged, and a stricter mode where a required check blocks merges while the default branch is failing, with a controlled bypass for a designated “fix” PR or specific roles.

Right now we can approximate this with custom policies and external automation, but it adds a lot of complexity. Having branch health and merge guardrails as a native feature would make the recommended merge then apply flow safer and simpler for teams like ours.