We plan to have only admins able to make changes to our repo’s master branch. Developers can clone the repo and then create their own dev branch off of master to work on. When developers feel ready, they can merge their development branch onto the master branch using a pull request. However, they will not be able to merge their dev branch into master until the admins have approved the changes.
On Bitbucket, I set branch permissions as:
+ Write Access: Rachel and Jamie.
+ Merge via pull request: Rachel, Jamie, and team:developers.
+ Merge checks: check for at least 2 approvals.
Next, we had a developer (not Rachel or Jamie) make changes on their own dev branch. They then committed and pushed the changes to their remote dev branch--worked as expected.
Last, they initiated a pull request to merge the remote dev branch into master. A warning that two approvals was needed popped up, but the developer was still able to just click "Merge" and the dev branch merged into the master branch, despite 0 approvals.
I expected that the developer would not be able to merge with 0 approvals. How do I set permissions so that this is the case?
Two things:
You explicitly granted "merge via pull request" access to the developers. They're therefore able to merge pull requests. If you never want them to merge PRs to that branch, then revoke that. (They'll still be able to create PRs, just not merge them.)
You didn't mention whether you've enabled "Prevent a merge with unresolved merge checks", under the premium features.
We've created a plugin to prevent this situation. You can inspect it on marketplace:
https://marketplace.atlassian.com/apps/1219882/prevent-merge-when-needs-work
Related
My team is using BitBucket for Git repositories. We plan to go live in next two months and what I want to do is to limit so that the pull requests can be only made from a specific branch to the 'production' branch.
I am aware of the Branch Permission sections of the BitBucket but that solves by limiting the 'Changes without a pull request' only half the issue.
What I want to achieve is that there should be no changes allowed without approved pull request and this pull request can only be made from a specific branch.
If the pull request is made from any other 'random' branch to the 'production' branch the pull request could get automatically denied.
Is such a thing possible? Thanks.
I cannot find an option to delete a PR on BitBucket.
Am I overlooking something or it's really not possible?
You can decline a pull request which has the same result -- stopping / removing the PR.
As per the link jonrsharpe mentioned, to the right of the merge button there are 3 dots. Under that menu you should have a delete option if you have permission to delete.
This is available only for BitBucket Server, not on BitBucket.org.
In BitBucket.org there is no option to delete the PR.
For Bitbucket Cloud, there are no way to do this. One way of getting by is to have a 'dev/junk' branch, used for declined or useless pull requests.
Then just edit the existing request to go into this branch and merge.
Data is still there, in case you need it some day, or if it's sensitive info you can remove the whole branch. If its already declined before, well, nothing can be done then other than recreating that repo
See https://jira.atlassian.com/browse/BCLOUD-8089 for the update on this feature request and vote on it!
I wanted to delete a pull request of a branch that had already been merged and deleted. Even though I am an admin of my project, I cannot see any "delete" options. For me what worked was to recreate the deleted branch from the main branch and push it. E.g.
git checkout master
git checkout -b [deleted branch name]
git push -u origin [deleted branch name]
Then I opened Bitbucket and the branch showed up as "merged" and disappeared from the PRs list.
You cannot delete the PR in bitbucket.org .
Using Decline option will do exactly what you want - the PR won't be visible in the tab Pull requests (you need to sort PR by Decline to see it) but on tab Branches you will see that in column Pull request you have removed your problematic PR.
PS you cannot undo Decline of PR, so take care
We have TFS 2018 Update 3. We have git repositories and branches on them are secured with branch policies.
We have TFS groups which are through branch policies used as default approve groups for pull requests.
Problem: when somebody creates a PR to a particular branch, we'd expect, that people in the default group receive an email from TFS that new PR was created.
Despite the fact, that all of them have their own notifications enabled, they do not receive it...
Is there any configuration I need to do?
You need to configure the notification in the Team level:
I already merged a pull request in bitbucket. Can you all explain what is the difference between click Approve and don't click it?
Because I see that the merge commit still appears in git history/log even that I don't click Approve.
If your team has a Premium plan, repository admins can prevent pull requests that don't have a certain number of approvals from merging.
Other than that, it is a visual check only that the merge request was reviewed and approved prior to merging.
See: https://confluence.atlassian.com/bitbucket/pull-requests-and-code-review-223220593.html
We use Gerrit 2.5-rc1) ACLs to manage access to our git projects & branches. We try to keep the rules simple for developer groups; refs/heads/* allow Push, Create Reference, Push Merge Commit.
There is a need to mark a specific branch, call it foo, as read only. I have tried adding a new rule for refs/heads/foo/*, allowing READ, but DENYing Push, Push Merge Commit, etc. (both with and without "Exclusive" tickbox ticked). In any case, developers are still permitted to push to that branch.
Any idea how to do this without writing server hooks, etc?
For your Gerrit version I think the following set should do the trick:
refs/heads/* ALLOW
refs/heads/foo/* BLOCK