Support for Branch Protection bypass_pull_request_allowances

[mike-stewart]

New Feature

Can safe-settings add support for the "Allow specified actors to bypass required pull requests" feature of required pull request reviews for branch protection?

• Is the functionality available in the GitHub UI? If so, please provide a link to information about the feature.

Available in the UI as:

Allow specified actors to bypass required pull requests
Specify people, teams, or apps who are allowed to bypass required pull requests.

• Is the functionality available through the GitHub API? If the functionality is available, please provide links to the
  API documentation (https://developer.github.com/v3/) as well as the Octokit documentation (https://octokit.github.io/).

Available in the API as "bypass_pull_request_allowances".

[decyjphr]

Thanks, will add this in the coming weeks.

[dan-ih]

Any progress on this @decyjphr ?

[ghost]

I would also be interested to know when this is coming out :)

[viks-confluent]

@decyjphr any update on this would be appreciated. Thanks

[martinm82]

Aren't the attributes out of the box available in safe-settings?

Also should actually all the boolean parameters available in the API (https://docs.github.com/en/rest/branches/branch-protection#update-branch-protection) be added to the reformat function? (e.g. allow_force_pushes, block_creations, lock_branch, allow_fork_syncing)

[ghost]

@mike-stewart @dan-ih @viks-confluent It seems @decyjphr has already implemented this 😄!
So, i did a little bit of test and yes, the attributes are already available it's just that it is not mentioned in the documentation/examples, here is how i used them and it worked:
By defining:

bypass_pull_request_allowances:
          users: [ "GranitFazliuRB","User2","User3"]

under the required_pull_request_reviews section

Only tested it with users but it should work with teams and apps arrays as well

branches:
  - name: default
    protection:
      required_pull_request_reviews:
        required_approving_review_count: 1
        dismiss_stale_reviews: true
        require_code_owner_reviews: true
        bypass_pull_request_allowances:
          users: [ "GranitFazliuRB","User2","User3"]        
      required_status_checks:
        strict: true
        contexts: []
      enforce_admins: true
      restrictions:
        apps: []
        users: []
        teams: []

[anderssonjohan]

related PR #419

[anderssonjohan]

Aren't the attributes out of the box available in safe-settings?

Also should actually all the boolean parameters available in the API (docs.github.com/en/rest/branches/branch-protection#update-branch-protection) be added to the reformat function? (e.g. allow_force_pushes, block_creations, lock_branch, allow_fork_syncing)

@martinm82 Ah! So that may be the reason why block_creations always is identified as changed all the time?

[martinm82]

Aren't the attributes out of the box available in safe-settings?
Also should actually all the boolean parameters available in the API (docs.github.com/en/rest/branches/branch-protection#update-branch-protection) be added to the reformat function? (e.g. allow_force_pushes, block_creations, lock_branch, allow_fork_syncing)

@martinm82 Ah! So that may be the reason why block_creations always is identified as changed all the time?

I haven't checked that but the reason why all these params work out of the box is because we use the REST API format of the payload which gets used 1:1.

P.S. We will run soon into limitations with the REST API. For example one cannot create branch protection rules and use wildcards in the branch pattern which is only supported by GraphQL API.