I want 2 approvals before merging a PR for a specific branch on project level settings with following conditions.
1. One approval from one of the five DLs (group of users to review) that we have
2. Second approval should be open to everyone who is having access to our project.
I did find some settings but these are being applied to all the branches. Is there any way where I can get the required setting specific to a branch ?
Hello @Vaishnav Raam and welcome to the Community!
You can leverage project-level branch restrictions to apply those rules to a particular branch name/pattern.
The branch restrictions provide more granular control over the user's permissions to a branch, and can also be used to configure merge settings, such as requiring a particular number of users to approve the pull request.
In a branch restriction, you can configure the following option with regard to pull request approvers :
So for your use case, the minimum number of approvals could be configured to 2, and the minimum number of approvals from default reviews to 1.
The default reviewers option will be used for the rule where you want at least one approval coming from a particular set of users (five DLs ). You would then need to add the five DLs as the default reviewers, so they will be automatically added as the reviewers when creating new pull requests.
Following is an example of the setup for the branch pattern feature/* (this means the rule will apply to all the branches where the name starts with feature) :
Hope that helps! Let me know in case you have any questions.
Thank you, @Vaishnav Raam !
Patrik S
Hello @Vaishnav Raam
The recommendation made by @Patrik S are perfect - setting the minimum number of approvals for pull requests in repository or project branch restrictions makes sure that you get at least one approval from anyone "who is having access to our project".
As for group scoped approvals with a group approval quota of "One approval from one of the five DLs (group of users to review) that we have", I can recommend our app Workzone for Bitbucket cloud for 3 reasons:
Let me know if I can assist you further with setting this up.
Kind regards, Ulrich
// Izymes
(*) Bitbucket merge-checks are available with premium subscription, however only Bitbucket internal merge-checks are enforced. Workzone enforces _both_ types of merge-checks, Bitbucket internal and Workzone based ones.
{really_small_print}without a premium subscription{/really_small_print}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks @Patrik S I had tried what you've suggested but the problem is there are dozens of people in each of the five DLs. So adding several names will be difficult and also I guess doing this will add all the their names in the PR and they would receive email notification for each such PR.
Is there any way where I can directly add the whole DL and not individual names?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks @Ulrich Kuhnhardt _IzymesCo_ I also have tried workzone but didn't work for me or may be I haven't found the correct settings.
1. I have set minimum number of required approvals to 2.
2. In Workzone Settings - under Approvals I have added the five DLs to Main branch and under Merge I have set minimum approval from Main branch to 1.
These settings are correct being applied to Main branch but overall 2 approvals is also being applied to other branches.
Is there any other settings where the minimum of 2 approvals with one mandate from one of the five DLs can be added to only Main branch and other branches are free from all these approvals? Could you please help?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Does bitbucket support any script where a merge script with required condition can be used?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for giving Workzone a try!
As for the 'script' you're asking for in your post - check out Forge based merge-checks that have just been released.
I think you did set up Workzone correctly by adding the DL group with 1 required approval and a total of 2 required approvals (in branch restrictions) for the main branch.
I don't quite understand how branch restrictions for the 'main' branch can be applied to other branches! That should not be the case! Settings for example for PR target branches 'main' and 'develop' should look like this
It would be great if you could define branch restrictions as '!main' to cover all other branches, but to my knowledge this pattern is not supported.
As a general best practice it's probably enough to protect only important shared branches like 'main', 'develop', 'release/**' etc - which you can easily add on project or repository level. (Workzone also allows for Workspace level configuration that is applied to all projects and repos, if not overridden by specific Workzone project or repo settings.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.