If I understand correctly, I can configure Stash so that some users can merge to specific branches.
But in our team, things are a bit different. In principle, everybody is able to merge. Our (written) workflow depicts that, before somebody merges something to the master branch, he/she should atleast have it reviewed by one other developer.
So what I'm looking for is the option to only allow merging in Stash if a pull request was atleast reviewed by one other person. Where all persons have exactly the same rights in our Stash user management.
You can configure the minimum number of approvers in the repository settings. Check out https://confluence.atlassian.com/display/STASH/Checks+for+merging+pull+requestsfor instructions.
Thanks. How could I miss that one? :-)
One more question though. Suppose I would also want to prevent developers from merging and pushing using GIT Bash (or any other tool), would that require me to set the developers' permissions to read-only and allow them to fork the project and create pull requests instead?
If you'd set the developers permission on the 'central' repository to read-only, they wouldn't be able to merge the pull requests from a fork to the central repository. You need write access on the target repository (and branch) to be able to merge; allowing users with 'read' permission to merge pull requests makes it very hard to control what comes into a repository/branch.
In the fork-based workflow that you suggested, you'd need to appoint a select group of developers and give them write permission on the repository so they can merge the pull requests. It's inconvenient, but it's the only way to strictly control what changes are allowed. If you're happy to do that, I'd set up branch permissions on the branches you want to protect instead of forcing the developers to use forks. It allows you more fine-grained control and is more convenient for the developers as well.
In our own workflow, we trust our developers to follow the workflow and create pull requests for all changes. If you really need to enforce the workflow, you could write a small repository hook that blocks all pushes to selected branches. That way, pull request merges would still be allowed, but manual pushes to the branch would be rejected.
We have documentation and examples on how to write custom repository hooks here:https://developer.atlassian.com/stash/docs/latest/how-tos/repository-hooks.html
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
After spinning my wheels trying to get organized enough to write a book for National Novel Writing Month (NaNoWriMo) I took my affinity for Atlassian products from my work life and decided to tr...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG