Add the option to not require a PR for protected branches #1359
Conversation
Kobzol
force-pushed
the
branch-protection-mode
branch
from
132af34 to
0c68f45
Compare
Kobzol
force-pushed
the
branch-protection-mode
branch
from
0c68f45 to
81651f2
Compare
|
The |
| @@ -43,11 +47,15 @@ | |||
| "branch_protections": [ | |||
| { | |||
| "pattern": "master", | |||
| "ci_checks": [ | |||
There was a problem hiding this comment.
This change breaks anything (namely sync-team) that relies on the current schema?
Don't think we can do this (at least not immediately).
There was a problem hiding this comment.
I don't think that there's anything else than sync-team that read the branch protections, and the sync-team change is ready. I already did some breaking changes recently that broke sync-team, it doesn't seem like a big deal.
Although, it would be bad if this broke other tools that just reuse the schema, even if they don't read the branch protections at all. Not sure if there are any of these though. Is there even any other tool apart from sync-team that reads the repos endpoint?
|
Looks good to me. I'm not concerned about the breaking change because we control sync-team so we can redeploy it after changing the format 👍 |
FWIW we need force pushes for the index repository too, since we regularly squash the history to keep the download size reasonable, but I guess that is unrelated to this PR? |
|
Yes, the index repo will need some additional special treatment I think, that is tangential (although it will also need the ability to avoid PRs on branches, I suppose). |
Theoretically, this is a public API and we're not necessarily the only consumers. But a quick code search doesn't show any uses of the |
btw not everyone is necessarily using this as a git dependency... (https://github.com/rust-lang/crates.io/blob/e922d6806cfcb90a4eb8838ec3a29029b65fe9e0/src/team_repo.rs#L63 😉) |
|
I was specifically looking for usage of the |
Kobzol
force-pushed
the
branch-protection-mode
branch
from
81651f2 to
1eb0177
Compare
|
merged as asked by Kobzol |
This PR adds a
pr-required = <true/false>option to branch protections. There are some repositories that use branch protections, but that do not require a PR.I also refactored the branch protection mode to make the data representation clearer/make it impossible to represent invalid states (such as PR not required, but a required approval count is set). This is a compatibility break for the v1 data format, but branch protections are only read by
sync-teamanyway, so it shouldn't be a big deal.An interesting thing is that it does not actually make sense to require any CI status checks if a PR is not required, because we do not enable anyone to bypass the branch protections. Because if you set a CI check, and try to push to the branch without a PR, it will be rejected.
Without a required PR, the branch protection still disallows force pushes and deletion, and allows us to set push actor allowances.
Relevant repos: