We are using git repositories with our azure dev-ops setup.
I have a couple of branches that I've worked on a lot, but we are having to put a pause on the work for now as other items have become more important. I want to make sure these branches are not deleted accidentally. My permission setup is a little higher than some of the other developers. Is there a way to put a lock from deleting the branch from the Collection -> Repos -> Branches?
Right now I go to More Options -> Delete Branch and it will ask before it is deleted. I want to put a lock where if you say Delete to Branch feature/testbranchdelete will be permanently deleted. Are you sure you want to proceed? that it will stop it from being deleted.
Thanks.
I have tested according to your narrative and found that the locked branch could still be deleted. And after I changed the Branch Security Permission, the test branch was unable to be deleted.
Please use a new branch in your Repos for the test of this operation following the marks in the picture below. Define Individual and Group Users as Force push (rewrite history, delete branches and tags) -> Deny.
Related
We store our git in TFS - Azure Devops.
We want to protect the main branch from push and deletion. push must be done with PR.
So we added a branch policy "Require a minimum number of reviewers".
The problem: users can still push to the branch.
So we updated the policy for "Bypass policies when pushing" and "Force push (rewrite history, delete branches and tags)" to "Deny".
But now the users cannot delete other branches..
Any idea how can we protect only the Main branch from deletion and push ?
Based on your description, it seemed that you had denied Force push (rewrite history, delete branches and tags) security settings on the repository level, so that all other branches were unable to be deleted as well.
Please check the security permission Force push (rewrite history, delete branches and tags) in All repositories and one affected repository for the users/groups. You may try and set the permission of Force push (rewrite history, delete branches and tags) in your repository Security tab back to Allow/Not Set for the users/groups and only adopt branch security restriction on the branch level.
Kindly refer to the security settings on the main branch like below. Thus, other branches will not be affected by the settings of the main branch and they could be still deleted or pushed.
You don't need the force push policy. Setting the require minimum number of reviewers in conjunction with denying the Bypass policies when pushing should give you what you want.
As long as you have these in place, your users cannot bypass the PR rule and if they try to do it with a force push will still receive an error
How can you stop a branch being accidentally deleted in a pull request?
The issue is the "Complete pull request" has got the "Delete dev after merging" check box, and this seems to be checked by default, which may be because I'm the owner of the repos.
Is there someway to disable this for all users?
For now, there is no way to disable the Delete source branch after merging option.
And there is an user voice Disable Delete Branch Checkbox in PR When Branch Policy In Place which suggest similar feature, you can vote and follow up.
The workaround is set branch security for the target branch (dev branch for your situation):
In VSTS Branches Tab -> click … button for dev branch -> Branch security -> change Force push (rewrite history, delete branches and tags) as Deny for the users and groups -> Save changes.
BTW: Delete source branch after merging option in PR completing window is not checked/selected by default, but based on the last time's setting. Such as if you deselect the option now, when you open the PR completing window next time, the Delete source branch after merging option will be deselected.
See this post. You just need to add a policy to the branch, then it cannot be deleted.
I may be a bit late on this thread. I faced this problem and found solution in Azure Dev Ops. While approving you get option to deselect.
We have over 100 repos which follow the github workflow https://guides.github.com/introduction/flow/. Ideally, when people are merging their code, they'll also click the Delete Branch button, but unfortunately, that step gets missed pretty often. I'm looking for a way to automatically delete branches which have been merged to the master branch. I'm thinking it should either be an organizational level webhook or integrated into our existing Jenkins system. I'm hoping that someone has already written this tool. Anyone?
If I fork a repository I have permission to that is owned by a company into my personal github, make some changes, make a PR, sometimes my collaborators (the ones in charge of the PR) will click "merge and delete local branch". This deletes the branch out of my private github account. Is there a way to disable this?
If there is no way to disable it, a workaround would be to create a branch referencing the same HEAD as the feature branch used for the PR (and which gets deleted when merged in the original repo).
That would allow you to keep track of that feature branch, even after the PR has been completed.
I have some queries with following scenario on github.
consider there is one organization who have created repository "repo1" and added 2 users in their organization to work on that repository.
Now every user had taken clone of that and make changes in common file and commit their changes so it will make changes in their local copy (as i understood) , now when they will push, at that time how github will merge their changes? how conflicts will be handled?
thanks.
GitHub will reject non fast-forward pushes by default. This means, that unless the user does a git pull to resolve the conflict locally, the push will fail. Git does The Right Thing™, you won't overwrite changes.