I am new to Atlassian Stash, but I have been playing around for a day now.
Looking at the "Repository Pemissions" page:
I can read that a user with the WRITE permission can create a Pull Request, approve and merge it, but also Push directly to the repository.
It seems like users with the WRITE permission can bypass all kinds of code review by pushing directly to the branch, hence by ignoring to create Pull Requests.
Is there a way that enforce that all commits to master has to be done via Pull Requests?
True, but I want everyone to be able to approve and merge, and I want everyone to create Pull Requests, but no one to push directly to the branch.
The problem, I think, is that the WRITE permission allows both approve+merge AND pushing directly. So if we want to enforce code review, we need to enforce Pull Requests. But with the WRITE permission you can bypass creating Pull Requests and push your commit directly to the branch, bypassing the whole code review process.
So my question still stands; Is there a way that enforce that all commits to master has to be done via Pull Requests?
Sorry, I missed where you want to people to still be able to approve and merge.
You could setup a pre-receive hook by creating a plugin that prevents pushes to certain branches. See this answer for more details.
There is an open JIRA issue to do what you need without having to write a plugin, see STASH-2910.
There are two 3rd party plugins that provide this missing functionality - "Pull Request Please" and "Workzone".
A JIRA was raised way back in 2012, but I don't think there's any chance of it being actioned.
Unfortunately, my current client is a large investment bank, and simply won't allow 3rd party plugins in any of the software they pay for. To get this functionality, I am considering switching to Gerrit.
This story appears to be substantially improved now: https://confluence.atlassian.com/bitbucket/suggest-or-require-checks-before-a-merge-856691474.html
You can separately grant permissions to individual branches including both "Write" and "Merge via Pull Request"
You can also "Prevent a merge with unresolved merge checks"
Every team in the world is unique, and so Atlassian believes that each and every team's best way of working needs to be molded to their unique circumstances – ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot