Various posts (including Github API - create branch?) give the API calls to make to create a new branch in a github repo, and can obviously be used in a script. I have a slightly different usecase though: I need to create a release branch (like release-1.2.3) when I already have a branch protection rule to cover release-*. The problem: without the branch protection rule, the linked method worked, while with it I get error:
422 Unprocessable Entity
The branch protection rule is fairly standard: requires a PR, requires a status check (I believe only applies to the PR?), "Restrict who can push to matching branches" and "Restrict pushes that create matching branches" are ticked and set to a group that contains all our main team, but includes the user who corresponds to the Jenkins job from where I am running this from.
My guess is that if I can use the new(ish) "bypass branch protections" and clear the "Do not allow bypassing the above settings" settings in the rule would work - can't actually try as yet because I don't have the rights to create the associated custom role but probably will. Alternatively creating the branch on a local repo and pushing it should work given the permissions (yet to try as more scripting but probably will). Question: has anybody got an easier way of doing this?
Related
I am working on a repo where I am the owner and only author in it.
I want to have in my repo the same behavior as I would when working with a team that protects my branch from direct commits as they must go through a Pull Request. The reason for doing so is to protect from my own mistakes as I sometimes go back to main branch and accidentally push code to it. I want only code that passed through a Pull Request to be able to be merged to main branch.
In order to achieve such behavior I added the following rule to my main branch -
Which is almost what I need, expect that I am locked without the ability to approve my PR's as there is a message I get saying authors of the PR can't approve their PR's - a logical error nonetheless, but if I am working alone in the repo this is not what I am looking for.
How can I achieve what I am looking for?
Simply disable "Require approvals" (the second checkbox in your screenshot), you will still be required to create a PR.
You can merge your own PRs, the only thing you cannot do is to approve your own work (after all: why would you? Hopefully you deem your own changes good!)
I am looking to create Github repos with branch protection such that any merges to main branch requires certain checks to pass. We bootstrap Github repositories using code. The issue I am facing is to enable branch protection these checks need to exist beforehand. I have tried creating a webhook on push and added code to create checks and then add rule for branch protection but this way there is a small amount of time where there is no check and anyone can merge in this time. Can someone suggest what I can do to avoid this. Thanks!
I would like to run a specific workflow when a new repository is created, so that I can guide the user in performing an initial setup that corresponds to the standard required by the organization (i.e. setup branch protection, create an empty project with right naming convention, enable dependabot and more).
I did not find anything in the documentation to provide such level of automation, looking at the event triggers this seems not supported.
Is there anything I'm missing or do you have any idea on how I could do such things?
Is there any rule that can be configured on GitHub that restricts who can force-push? The way it looks right now is that any rule opened on any branch automatically prevents force-pushes to anyone (including administrators). I want to allow force-pushes to specific users/groups (e.g., administrators).
As noted in Tomerfi's answer, since Dec. 2021:
Specify who can force push to a repository
Instead of allowing all or no users to force push, admins can now be selective about who can force push to a repository.
The image below shows how in the past, admins could use a branch protection rule to allow force pushes for everyone or no one, including admins:
Branch protection rule to allow everyone or no one to force push:
This all-or-nothing approach didn't support limiting force pushes to select users or teams of an admin's choosing.
For example, you might have wanted to allow only a few people to force push, or you had an automated process that solely needed to force push.
Now, you can be specific about the people and teams who are allowed to force push.
As shown in the image below, select Allow force pushes and Specify who can force push. Then, search for and select the people and teams who should be allowed to force push.
Branch protection rule to allow everyone, no one, or select users or teams to force push:
For more information, visit Managing a branch protection rule.
Original answer (2019):
You can't directly setup that on GitHub.
You can setup different repositories though:
one where you can force push
one where the branch is protected to everyone.
Then you can make PR (Pull Request) from one repository to another.
This is now actually supported on GitHub:
https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/
I want to fork a github project to fix a couple of issues and then send a pull request.
The problem I'm running into is that I've already forked the project to adapt it for another user base.
Is it possible to create a second fork? If so, how?
When I try to fork now it just takes me to the previously created fork.
There is no way to have two forks of the same GitHub project unless you use two different GitHub accounts.
So:
Create a separate GitHub account (and verify the email)
Fork the
project
Invite your main GitHub account as a "Collaborator" (from
the settings)
You may need to add the extra step of creating an organization with the new GitHub account and inviting your main github account as an owner of the organization (also make sure your new fork is in that new organization). This will let you do things like deploy automatically to a Heroku app that is connected to your main GitHub account.
Why can't we just have multiple forks???
I mean that I could just commit and push without making a pull request, but I want to do it the offical way and I want somebody else to review the changes before I push to a public project.
GitHub pull requests do not need to be submitted from a fork; they work within a single repository as well:
Pull requests are especially useful in the fork & pull model because they provide a way to notify project maintainers about changes in your fork. However, they're also useful in the shared repository model where they're used to initiate code review and general discussion about a set of changes before being merged into a mainline branch.
There's nothing stopping you from creating a pull request even if you don't technically have to. This is often considered a best practice, and GitHub's own Flow model is largely based on pull requests.
Creating a pull request within a single repository is very similar to creating one from a fork:
Create a feature branch and push your work to that branch on GitHub
In the GitHub web UI, switch to your feature branch
Click the "Compare" & review button
The trick is not to use the master branch to create pull requests. Then you won't need to create multiple forks since you can make as many branches as you need and make pull requests against each branch independently.
Given a clean forked repo, create a dedicated branch and use that branch for the pull request.
You can create branches from the web UI (although it is not obvious).
Click the branch selection dropdown, type the new branch name in the input field, and then you'll see a clickable link Create branch: <new-branch-name> as shown below. The tricky UI part is that it might not be very obvious you should click the "create branch: xyz..." — it is NOT displayed as a button or as a hyperlink, and there is NO indication that this is a clickable link. Moreover, there is NO hint whatsoever that a branch can be created until you type in the search box — anyone would probably assume that the search box is used exclusively for searching branches, and not for creating them.
In case you already made changes directly in your fork's master branch then consider moving those changes into a dedicated branch and hard resetting the master branch to the original remote so that you keep it clean for synching with the upstream repo.
See also:
https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository
The best way, recommended by github manual, is use command line git, mirror clone your repo and push it to your github.
https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/duplicating-a-repository
If you strongly prefer GitHub web interface to the command line, a GUI friendly workaround is create a new organization and fork to that new organization.
Another GUI way I can think of is to declare a fork as a template repo using repo's setting so you can create as many forks as you need.