app icon indicating copy to clipboard operation
app copied to clipboard

Published 20 hours ago verified publisher icon repository-settings

Branch protection rules don't apply for non-existent branches

Open allejo opened this issue 4 years ago • 8 comments

Given the following protection rules, a new rule will not be created targeting ?.? branches if there's no branch matching that pattern. This also happened when I tried creating a rule for a develop branch when there was no develop branch in existence. Whereas with GitHub, you can create rules without having those branches existing.

branches:
  - &master_branch_definition
    name: master
    protection:
      required_pull_request_reviews:
        required_approving_review_count: 1
        dismiss_stale_reviews: false
        require_code_owner_reviews: true
        dismissal_restrictions: {}
      required_status_checks: null
      enforce_admins: true
      restrictions: null

  - <<: *master_branch_definition
    name: "?.?"

allejo avatar Sep 03 '19 22:09 allejo

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

stale[bot] avatar Dec 03 '19 02:12 stale[bot]

@allejo if you replace the null does it work? https://github.com/probot/settings/issues/150

gundalow avatar Dec 03 '19 07:12 gundalow

I am also experiencing a similar issue, I have a settings.yml file that defines both master and deploy/* branches. And it's applying the settings fine to master, but not creating the rule for deploy/* pattern. I tried without any deploy/* branch and I tried with a deploy/prod branch and the probot-settings never created the rule.

repository:
  name: reponame
branches:
  - name: master
    protection: 
      required_pull_request_reviews:
        required_approving_review_count: 1
        dismiss_stale_reviews: true
        require_code_owner_reviews: true
      required_status_checks: null
      enforce_admins: true
      restrictions: null
  - name: "deploy/*"
    protection: 
      required_pull_request_reviews:
        required_approving_review_count: 1
        dismiss_stale_reviews: null
        require_code_owner_reviews: true
      required_status_checks: null
      enforce_admins: true
      restrictions: null

scheuk avatar Jan 27 '20 14:01 scheuk

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

stale[bot] avatar Apr 26 '20 14:04 stale[bot]

Still relevant

gundalow avatar Apr 26 '20 14:04 gundalow

Any idea why the web interface of GitHub is able to create rules for non existent branches, but Probot does not?

dhoppe avatar May 14 '20 18:05 dhoppe

unfortunately, there are many areas where probot/settings is limited in how well it can match the capabilities of the web ui because of limitations of the api. i haven't had a chance to fully investigate this case, but this comment in a related issue, explains the problem as well as i've had a chance to understand it so far.

if you have a chance to investigate further before i do, i'd be happy to discuss any options you find. assuming it is still blocked by those limitations, the best option i can suggest is to reach out to github support and request that the functionality be added to the api. if you get a useful response, please update this issue with details.

travi avatar May 14 '20 18:05 travi

Crossposting this for completeness, I don't believe this is an API constraint, I tested this now and the API supports added branches that do not exist.

mutation MyMutation {
  __typename
  createBranchProtectionRule(input: {repositoryId: "XXXXXXXXXXXXXXXXXX", pattern: "foobar*", restrictsPushes: false}) {
    clientMutationId
  }
}

This is the same for ##227

mkrakowitzer avatar May 27 '20 06:05 mkrakowitzer