I'm defining branch protection rules on GitHub, and I would like to know if is there any way to define a Pull Request flow like: qa --> main.
I know it's possible to require pull request before merging (on Require a pull request before merging flag under Branches > Branch protection rule), but I didn't find any option for defining this flow.
There's no way on GitHub to force a source branch to be fixed to a certain value, but you can solve this problem with a required CI check that fails if the PR to main has the wrong source branch. That's the usual way that people handle this sort of issue.
Related
I am working on a repo where I am the owner and only author in it.
I want to have in my repo the same behavior as I would when working with a team that protects my branch from direct commits as they must go through a Pull Request. The reason for doing so is to protect from my own mistakes as I sometimes go back to main branch and accidentally push code to it. I want only code that passed through a Pull Request to be able to be merged to main branch.
In order to achieve such behavior I added the following rule to my main branch -
Which is almost what I need, expect that I am locked without the ability to approve my PR's as there is a message I get saying authors of the PR can't approve their PR's - a logical error nonetheless, but if I am working alone in the repo this is not what I am looking for.
How can I achieve what I am looking for?
Simply disable "Require approvals" (the second checkbox in your screenshot), you will still be required to create a PR.
You can merge your own PRs, the only thing you cannot do is to approve your own work (after all: why would you? Hopefully you deem your own changes good!)
I am looking to create Github repos with branch protection such that any merges to main branch requires certain checks to pass. We bootstrap Github repositories using code. The issue I am facing is to enable branch protection these checks need to exist beforehand. I have tried creating a webhook on push and added code to create checks and then add rule for branch protection but this way there is a small amount of time where there is no check and anyone can merge in this time. Can someone suggest what I can do to avoid this. Thanks!
I have set up a git repo with protected branches in GitHub: 'main' and 'dev-*' require PRs to merge. However, all merging of other branches should be done to dev-*, and merges to main should only be done from dev-*.
I would like to set up a rule to prevent PRs into main from branches that do not match the pattern dev-*. Is there any way to do this?
GitHub doesn't provide an intrinsic way to do this, but you can always set up a CI check, such as a GitHub Action, such that it fails if the base branch is not correct. If you use a GitHub Action, you could even make it post to the issue to let the user know what's going on.
If you combine this with branch permissions that require passing status checks to merge (which are in the protected branches area), then this will prevent anyone from successfully merging from an undesired branch.
I am looking for a way by GitHub setting or CircleCI settings preventing the person that is involved in PR (create PR or make a commit) to be able to merge PR (or even approve it).
So far I have the protection of a branch that requires approvals but post-approval I as PR creator and committer I still able to merge.
You need to be able to
prevent the person that is involved in PR (create PR or make a commit) to be able to merge PR (or even approve it)
A contributor who has created a PR cannot approve or request changes by default in GitHub, so that is already taken care of.
Since a Pull Request is a GitHub feature, a PR merge can currently only be blocked by 2 ways
Using GitHub's settings
Using pre-receive hooks (only for GitHub Enterprise)
Using GitHub's settings, you can only block merging by requiring either pull request reviews, status checks to pass, signed commits or linear history as shown under the branch protection settings.
or by allowing merge commits, squash merging or rebase merging as shown in the Merge button section under repo settings
If you are on GitHub Enterprise, you can use a pre-receive hook (documentation) like below and ensure that self merging PRs are blocked (This eg is here)
if [[ "$GITHUB_VIA" = *"merge"* ]] && [[ "$GITHUB_PULL_REQUEST_AUTHOR_LOGIN" = "$GITHUB_USER_LOGIN" ]]; then
echo "Blocking merging of your own pull request."
exit 1
fi
exit 0
Apart from the above, there is no other way currently to block self merging PRs on GitHub. And using CircleCI or any other CI workflow can only block merging for everybody(if you opt for the requirement of status checks on GitHub) or nobody, as it can't control the PR merge button.
Greeting! The short answer is no. Now the longer answer! GitHub supports enabling master branch protection. This can help you enforce all kinds of rules like:
All PRs must have a code review before being merged
The reviewers of the code need to be an admin
The reviewers of the code need to be in a CODEOWNERS file
A subset of status checks all need to pass
For all of these rules, the assumption is that once they've been satisfied, anyone with write access to the repository can merge the PR. I'm curious - in what situation do you want to prevent that?
Now onto the bad ideas. If this was super important - you could take the drastic step of ensuring no human is responsible for merging PRs :) You could add a codeowner that is mapped to a robot account, ensuring that robot account performs an approval before the PR can merge. To that end, you could write logic in a custom GitHub action that's triggered on PR events to determine if the PR should be merged, and auto-merge it if all appropriate conditions are met.
I'm curious - why is this something you wanna do?
I've built an Action to provide this; should work on GitHub.com, GHEC, and GHES: https://github.com/marketplace/actions/dismiss-code-reviews-from-collaborators
As always, Issues & PRs are welcomed: https://github.com/peckjon/reject-pr-approval-from-committer
I recently merged a branch into master and want to delete it now that I'm done with it. But github tells me that I can't delete it because some open pull request depends on it. How do I find out which pull requests depend on this branch?
To find the open pull requests which depend on a particular branch called foo (i.e. pull requests for merging other branches into branch foo), use the following Filter query in the Pull requests tab:
is:pr base:foo is:open
This will identify the Pull Requests preventing the deletion of branch foo
I found that one of my open pull requests was trying to merge into the branch I was trying to delete, instead of merging into master as it was supposed to. Fixing this allowed me to delete my branch.
I could not find a way to easily view all the open pull requests involving any given branch, so I had to go through my open PRs one by one.