Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can we enforce mandatory reviews in GitHub but still allow Maven release builds from CI?

Tags:

github

maven

github-enterprise

We would like to use mandatory code reviews on pull requests in GitHub Enterprise 2.10 (using the "Require pull request reviews before merging" feature in the repository protected branch settings).

However, when we enable this feature, Maven release builds fail, since the release plugin tries to push the new SNAPSHOT version to the repository using the credentials of the user that runs the TeamCity release build.

Has anyone come up with an approach that works for this? Our requirements are:

  • Require code reviews for normal commits/pull requests
  • Allow automated release builds to commit the updated POM versions
  • Have all commits done by specific non-shared user accounts
like image 364
Richard Neish Avatar asked Nov 14 '17 12:11

Richard Neish

People also ask

How do I set mandatory reviewers on GitHub?

To require multiple reviewers for pull requests, go to your repository's settings and select “Branches”. Under “Protected branches”, select the branch you'd like to protect with a multiple reviewers requirement. There you can select the number of reviewers required for each pull request to that branch.

How do I restrict a pull request on GitHub?

Next to "Branch protection rules", click Add rule. Under "Branch name pattern", type the branch name or pattern you want to protect. Optionally, enable required pull requests. Under "Protect matching branches", select Require a pull request before merging.

How do you restrict who can merge to master on a GitHub repo?

No, GitHub doesn't let you restrict who can perform a merge. However, if you want to require a specific group of people to approve a PR before merging, use the CODEOWNERS file and require an approval from a code owner before merging in the branch protection settings.

How Stop PR merge GitHub?

Using GitHub's settings, you can only block merging by requiring either pull request reviews, status checks to pass, signed commits or linear history as shown under the branch protection settings. Apart from the above, there is no other way currently to block self merging PRs on GitHub.

1 Answers

I found this answer on a related question: https://stackoverflow.com/a/47006088

My impression is that if you leave the "include administrators" checkbox unchecked, then you can use a repository owner with the release plugin. The trade off is you would then rely on discipline from your developers who are repository owners to not skip the review process.

like image 184
suthsc Avatar answered Oct 18 '22 03:10

suthsc
Sign in to Comment

Related questions

AEM/CQ Maven Project Structure -- Multiple JCR Node Sub-Modules
maven assembly - jar misses own classes
maven can't find path specified
Including an unpacked War in the Assembly
M2E Failed to load all dependencies
Spring Maven - Unable to generate WSDL
Using Seam in a single legacy WAR of an otherwise Weld-enabled EAR
Way to run Maven from Python script?
code coverage for junit plug-in tests with maven
How can I send a JSON object with Jersey in a Rest Service
CUCM AXL API wrong SoapAction
Maven - Change jUnit Version in Quickstart Archetype
How can use maven to build job with free Talend Open Studio
Spring MVC StreamingResponseBody return chunked file
How to publish android library to Jfrog bintray?
how to build a jar with maven for a specific OS?
mvn package load other Library as Eclipse
Liquibase maven plugin is not using classpath property
Java classes get compiled via external maven inside eclipse but not (with same maven) from command line
How to configure Maven in Jaspersoft Studio?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!