How to prevent a pull request from being re-scoped after approval?

Hello,

I noticed that after a pull request is being approved, a developer can push more changes to the branch without notifying the reviewer, and somehow those "unwanted" changes get merged.

Is there a way to "freeze" the branch in which the pull request was raised? I was thinking of writing a plugin which implements com.atlassian.bitbucket.event.pull.PullRequestParticipantApprovedEvent event, but I am not sure how to go from there.

Any pointers?

 

Thank you,

 

3 answers

1 accepted

This widget could not be displayed.

Hi Faissal,

Is the goal just to prevent the new unapproved changes from getting merged? If so you have the following option with ScriptRunner for Bitbucket Server:

Using the withdraw approvals event handler for this purpose, which will withdraw approvals if a pull request is changed after the approval. See the docs here for how to use this. 

You can find it under Repository Settings -> Script Event Handlers -> "Withdraw approvals when a pull request changed" or Admin -> ScriptRunner -> Script Event Handlers -> "Withdraw approvals when a pull request changed"

You could then combine this with a merge check to check all users have approved the pull request or some number of them.

You can find it under Repository Settings -> Script Merge Checks -> "Custom merge check" or Admin -> ScriptRunner -> Script Merge Checks -> "Custom merge check"

The example below will check all reviewers have approved, which you need to copy as an inline script in the custom merge check:

import com.atlassian.bitbucket.scm.pull.MergeRequest

def mergeRequest = mergeRequest as MergeRequest

if (! mergeRequest.pullRequest.reviewers.every {it.approved}) {
    mergeRequest.veto("Not enough approvals", "All reviewers must approve before merge")
}

I think this solution is much better than adding a pre-receive hook to block the push and will also provide you flexibility to define your own conditions according to the development process each team has.

Although you can lookup writing your own pre-receive hook if thats what you really want using ScriptRunner here.

Let me know if you need any help with this or more details.

Hope this helps,
Adam

This widget could not be displayed.

Another option is to install the Bitbucket Server Auto Unapprove plugin, which will remove the approvals if someone pushes more changes to the pull request source branch.

 

This widget could not be displayed.

You would want to write a little pre-receive hook that checks

  • if branch has outgoing PR(s)
  • If so - are there any approvals yet
  • If so - rejected the push to the branch. 

There are some good hook tutorials in developer.atlassian.com. 

Hope that helps

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Aug 21, 2018 in Bitbucket

Branch Management with Bitbucket

As a project manager, I have discovered that different developers want to bring their previous branching method with them when they join the team. Some developers are used to performing individual wo...

1,306 views 8 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you