Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Disallow merging if not approved by atleast one other developer

Tohnmeister
Tohnmeister August 19, 2014

If I understand correctly, I can configure Stash so that some users can merge to specific branches.

But in our team, things are a bit different. In principle, everybody is able to merge. Our (written) workflow depicts that, before somebody merges something to the master branch, he/she should atleast have it reviewed by one other developer.

So what I'm looking for is the option to only allow merging in Stash if a pull request was atleast reviewed by one other person. Where all persons have exactly the same rights in our Stash user management.

Answer
Watch
Like Be the first to like this
954 views

1 answer

1 accepted

0 votes
Answer accepted
Michael Heemskerk
Michael Heemskerk
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 19, 2014

Hi Tonni,

You can configure the minimum number of approvers in the repository settings. Check out https://confluence.atlassian.com/display/STASH/Checks+for+merging+pull+requestsfor instructions.

Cheers,

Michael

View More Comments
Tohnmeister
Tohnmeister August 19, 2014

Thanks. How could I miss that one? :-)

One more question though. Suppose I would also want to prevent developers from merging and pushing using GIT Bash (or any other tool), would that require me to set the developers' permissions to read-only and allow them to fork the project and create pull requests instead?

Like
Michael Heemskerk
Michael Heemskerk
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 19, 2014

If you'd set the developers permission on the 'central' repository to read-only, they wouldn't be able to merge the pull requests from a fork to the central repository. You need write access on the target repository (and branch) to be able to merge; allowing users with 'read' permission to merge pull requests makes it very hard to control what comes into a repository/branch.

In the fork-based workflow that you suggested, you'd need to appoint a select group of developers and give them write permission on the repository so they can merge the pull requests. It's inconvenient, but it's the only way to strictly control what changes are allowed. If you're happy to do that, I'd set up branch permissions on the branches you want to protect instead of forcing the developers to use forks. It allows you more fine-grained control and is more convenient for the developers as well.

In our own workflow, we trust our developers to follow the workflow and create pull requests for all changes. If you really need to enforce the workflow, you could write a small repository hook that blocks all pushes to selected branches. That way, pull request merges would still be allowed, but manual pushes to the branch would be rejected.

We have documentation and examples on how to write custom repository hooks here:https://developer.atlassian.com/stash/docs/latest/how-tos/repository-hooks.html

Like
Tohnmeister
Tohnmeister August 20, 2014

Thanks for the detailed answer. Your point about 'trusting the developers' makes great sense. There's no need to strictly enforce this workflow. I trust other developers to follow the workflow, or workaround it if really really needed.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events