Reputation: 1701
I am trying to use lerna publish to manage package publishing in my team. So what lerna does at the end of every publish is bump the version in the package.json file and commit those changes in the branch that did the publish.
However, in master I need "Require pull request reviews before merging" to be active, as it is a protected branch.
My problem is not in publishing as lerna publishes the package. However the circle-ci fails with this error:
remote: error: GH006: Protected branch update failed for refs/heads/publish-test.
remote: error: At least 1 approving review is required by reviewers with write access.
To github.com:username/repo.git
! [remote rejected] publish-test -> publish-test (protected branch hook declined)
I tried enabling the "Restrict who can push to matching branches" option to allow a user to commit in master (we are using a bot user for devops commits).
Is there a way to add a user exception to the option "Require pull request reviews before merging", or to do a pre-merge hook (so I can publish before the merge in ci)?
Upvotes: 28
Views: 8453
Reputation: 12985
Today people on the list "people and teams with push access" on the matching branch (as in your question) are still allowed to push to that branch even if you say "Require pull request reviews before merging" and, I approximate, "nobody can override the restrictions to merging".
Upvotes: 0
Reputation: 114641
GitHub Enterprise now has the ability to create custom roles in which you can assign the permission to bypass branch policy.
The only way to exempt users is to make them repo admins and allow admins to bypass the policy.
Or use a GitHub Actions workflow that uses the PAT of an admin to push to the target branch if the changes were pushed by allow-listed users. That opens up some interesting security issues though.
Upvotes: 2
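An added example, not part of any answer above: a small audit that lists which principals can land commits on a protected branch without an approving review. It assumes input shaped like the response of GitHub's REST endpoint GET /repos/{owner}/{repo}/branches/{branch}/protection; the sample document and the account names in it are constructed.

```python
# Constructed sample, trimmed to the fields the audit reads. Field names follow
# GitHub's branch-protection REST response; logins and slugs are made up.
SAMPLE_PROTECTION = {
    "required_pull_request_reviews": {
        "required_approving_review_count": 1,
        "bypass_pull_request_allowances": {
            "users": [{"login": "devops-bot"}], "teams": [], "apps": []},
    },
    "enforce_admins": {"enabled": False},
    "restrictions": {
        "users": [{"login": "devops-bot"}, {"login": "alice"}],
        "teams": [{"slug": "release"}], "apps": []},
}


def _names(group):
    """Flatten a {users, teams, apps} object into sorted 'kind:name' strings."""
    group = group or {}
    out = []
    for kind, key in (("users", "login"), ("teams", "slug"), ("apps", "slug")):
        out += [f"{kind[:-1]}:{item[key]}" for item in group.get(kind, [])]
    return sorted(out)


def audit_protection(protection):
    """Report who can update the branch without going through PR review."""
    reviews = protection.get("required_pull_request_reviews")
    if reviews is None:
        # No review rule configured: nothing forces a pull request at all.
        return {"review_required": False, "bypass": [],
                "admins_bypass": True, "push_allowed_without_bypass": []}
    bypass = _names(reviews.get("bypass_pull_request_allowances"))
    pushers = _names(protection.get("restrictions"))
    enforce = (protection.get("enforce_admins") or {}).get("enabled", False)
    return {
        "review_required": True,
        "bypass": bypass,
        # With enforce_admins off, repository admins are not held to the rule.
        "admins_bypass": not enforce,
        # On the push allow-list but not on the bypass list; the question's
        # bot user hit GH006 in this situation.
        "push_allowed_without_bypass": [p for p in pushers if p not in bypass],
    }


if __name__ == "__main__":
    print(audit_protection(SAMPLE_PROTECTION))
```

Run against each protected branch, the "bypass" and "admins_bypass" fields show every identity whose token, if leaked from CI, could push unreviewed commits.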
Reputation: 2126
No, there currently is no option for that, but you could raise a feature request here. There probably is no way to work around the branch protection, which is pretty much the point of it.
On your second question: As far as I know, there is no specific "pre-merge" hook; here is the list of all workflow triggers. You could work around this by triggering at push for the branch you are merging to, or could trigger on creating a release, or maybe one of the mentioned pull-request hooks can enable your scenario.
Upvotes: -1