We want to set up a pool code review system where any developer can see a list of all pending code review requests and pick some to review. We're using Visual Studio Team Services.
As a first step, I need to allow the entire Project Collection Valid Users group to be added as reviewer of a pull request. (Currently the field seems to accept only users who are explicit members of the project team.) The second step is to grant read-access to all projects to all collection valid users.
The latter step seems to be answered by this answer.
But I'm completely stuck on making everyone a pull request reviewer. Is this even possible? If so how? (I'd prefer not to rely on a third-party extension if it can be done without.)
You can use below steps to make everyone as reviewers for VSTS pull requests:
Add an account level group to add all users as members for the group
In Security Page (https://account.visualstudio.com/_admin/_security) -> Create group -> input group name (assume it’s Engineering here) -> add all the users as members for the Engineering group.
Add the account level group (Engineering group) for each projects
In a project security page (https://account.visualstudio.com/project/_admin/_security) -> add the Engineering Group as a member for the project’s group or team.
Select the project team/group (which you add Engineering group as a member) for PR reviewers in the project
You can install Pull Request Dashboard extension to view the PRs clearly
You can install Pull Request Dashboard extension, so that users can view Pull Requests in the project by different kinds of categories: Request By me, Assigned To Me and Other Open Pull Requests.
By default, nothing like everyone, you can add as many people you want as reviewer.
Related
I have an issue, I have a team (they are added into Github package's teams list with Write perm) of external developers, I want to restrict their ability to approve each other's PRs.
Meaning other team/users should be probably a different set of perms.
How can I do it? I wasn't able to find this on Github.
PS.
I tried adding this to .github/CODEOWNERS (also enabled require owner review)
* #company/company-devs some-special-developer
but #other_company/devs <- were still able to approve
In GitHub or GitLab, to invite a collaborator, the administrator usually asks the collaborator's email.
Instead, how can the administrator allow anyone to request access through clicking a button on the GitHub / GitLab website?
I remember this was possible on at least one of these websites.
In GitLab, you can click on request access:
An email is sent to the most recently active project maintainers. Up to ten project maintainers are notified. Any project maintainer can approve or decline the request.
If a project does not have any maintainers, the notification is sent to the most recently active owners of the project’s group.
If you change your mind before your request is approved, select Withdraw Access Request
The OP Dean adds in the comments:
The maintainer can enable this by making the repo public but with visibility restricted to only project members.
With GitLab 15.8 (January 2023), that will trigger:
Create To-Dos for group owners on access request
Previously, access requests to a group appeared only in the Access requests tab in the Group members section.
Now, access requests also appear in the group owner’s To-Do List.
As a group owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
See Documentation and Issue.
And, still with See GitLab 15.8 (January 2023):
Create To-Dos for project owners on access requests
Previously, access requests to a project appeared only in the Access requests tab in the Project members section.
Now, access requests also appear in the project owner’s To-Do List.
As a project owner, having access requests added directly to your To-Do List can help you manage your tasks more efficiently and add members quicker.
See Documentation and Issue.
After hours of googling and search, I can't find how to add a required reviewer when people of a given team create a pull request in DevOps.
Some people will be able to contribute to our repository, but they are external to our company, that's why we want to enforce this control.
Does anyone ever did it?
Thanks.
It seems that you want to conditionally set the required reviewers according to which team the pull request creator comes from. If so, I think there is no such built-in function currently provided.
Currently only the filter condition of "based on which files changed" is provided.
You could add this feature request on our UserVoice site , which is our main forum for product suggestions. After suggest raised, you can vote and add your comments for this feedback. The product team would provide the updates if they view it.
You can do this with a branch policy in Azure DevOps Repos. In ADO, go to project settings and click Repositories in the menu in the Repos section of the project settings page. Click the repository you would like to protect with code reviews and then select the Policies tab. Next select the git branch needing reviews.
On the bottom of the branch policies page you can select Automatically included reviewers. Click the + button to add reviewers. When adding the reviewers you can select if these selected reviewers are required or optional. This is actually something of a rule-builder, you can add multiple 'rules' by repeatedly going through click + and add reviewers
There is also some documentation on branch policies that might be helpful
This is my solution, this has been work for year
Azure DevOps: Automatically add different Reviewers based on Pull Request author using Microsoft Power Automate
I have run into an issue where if my project managers are rushing, they sometimes will help move pull requests along by 'approving' them. As we have set the branch policy to require at least 2 approvals (and the creator cannot be one), this can be a bit of a frustration. I have moved the PMs into a new security group to isolate them from most options but I cannot find anything specific about Pull Requests. Does this just follow under the Contribute option or is there a specific way I can block them from being able to approve pull requests?
They have "Contribute to Pull Request" permissions, located under repo security settings. Remove that permission for the people you don't want to be approving PRs.
We have quite a few repositories in our organization, and we are constantly adding more. We also have a few different teams - Superusers, Developers, Contractors, etc. I want every newly created repository to automatically assume default permissions, like Superusers get automatic admin access to the repo, Contractors group gets just read access, etc. Is it possible to set that up? Is there a setting somewhere that I missed? And if there's not a way to do that, is there a way to batch apply a permission for one group to all repos within an account?
Update June 2017: with nested teams, you now can associate permissions to sub-teams, which could help group of users to have the correct right regarding a repo part of the organization.
Original answer (Apr. 2016)
Is it possible to set that up?
I did not see a way through the native GitHub web GUI administration pages.
And "permission" is deprecated when creating a team.
What you could consider though is a webhook listening for a an event, like a repository event.
That script listening to the event could then use the Team API to update the permission of the teams (according to their names) for the newly created repo.