If I understand correctly, I can configure Stash so that some users can merge to specific branches.
But in our team, things are a bit different. In principle, everybody is able to merge. Our (written) workflow depicts that, before somebody merges something to the master branch, he/she should atleast have it reviewed by one other developer.
So what I'm looking for is the option to only allow merging in Stash if a pull request was atleast reviewed by one other person. Where all persons have exactly the same rights in our Stash user management.
You can configure the minimum number of approvers in the repository settings. Check out https://confluence.atlassian.com/display/STASH/Checks+for+merging+pull+requestsfor instructions.
Thanks. How could I miss that one? :-)
One more question though. Suppose I would also want to prevent developers from merging and pushing using GIT Bash (or any other tool), would that require me to set the developers' permissions to read-only and allow them to fork the project and create pull requests instead?
If you'd set the developers permission on the 'central' repository to read-only, they wouldn't be able to merge the pull requests from a fork to the central repository. You need write access on the target repository (and branch) to be able to merge; allowing users with 'read' permission to merge pull requests makes it very hard to control what comes into a repository/branch.
In the fork-based workflow that you suggested, you'd need to appoint a select group of developers and give them write permission on the repository so they can merge the pull requests. It's inconvenient, but it's the only way to strictly control what changes are allowed. If you're happy to do that, I'd set up branch permissions on the branches you want to protect instead of forcing the developers to use forks. It allows you more fine-grained control and is more convenient for the developers as well.
In our own workflow, we trust our developers to follow the workflow and create pull requests for all changes. If you really need to enforce the workflow, you could write a small repository hook that blocks all pushes to selected branches. That way, pull request merges would still be allowed, but manual pushes to the branch would be rejected.
We have documentation and examples on how to write custom repository hooks here:https://developer.atlassian.com/stash/docs/latest/how-tos/repository-hooks.html
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs