-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(github): branch protection not supported #3276
fix(github): branch protection not supported #3276
Conversation
@@ -34,6 +34,10 @@ import ( | |||
// by GitHub. | |||
const maxCommentLength = 65536 | |||
|
|||
// Error message GitHub API returns if branch protection is not available | |||
// in current repository | |||
const githubBranchProtectionNotAvailable string = "Upgrade to GitHub Pro or make this repository public to enable this feature." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a bit of a magic string and could be changed at any point on the API.
Is there an error code or boolean that we could check instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, but I think this is the way of the GitHub API unfortunately.
I took inspiration from the go-github package and how they handle branch not protected
errors.
https://github.com/google/go-github/blob/master/github/repos.go#L17
https://github.com/google/go-github/blob/master/github/repos.go#L2028-L2031
https://github.com/google/go-github/blob/master/github/repos.go#L1300-L1302
Response code is HTTP 403 which is not definitive as well :(
< HTTP/2 403
< server: GitHub.com
< date: Tue, 28 Mar 2023 17:06:56 GMT
< content-type: application/json; charset=utf-8
< content-length: 200
< x-oauth-scopes: repo
< x-accepted-oauth-scopes: repo
< github-authentication-token-expiration: 2023-04-04 17:05:36 UTC
< x-github-media-type: github.v3; format=json
< x-github-api-version-selected: 2022-11-28
< x-ratelimit-limit: 5000
< x-ratelimit-remaining: 4999
< x-ratelimit-reset: 1680026816
< x-ratelimit-used: 1
< x-ratelimit-resource: core
< access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
< access-control-allow-origin: *
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
< content-security-policy: default-src 'none'
< vary: Accept-Encoding, Accept, X-Requested-With
< x-github-request-id: D5A2:06BA:5BE84E2:5D62843:64231EAF
<
{
"message": "Upgrade to GitHub Pro or make this repository public to enable this feature.",
"documentation_url": "https://docs.github.com/rest/branches/branch-protection#get-branch-protection"
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok fair enough. It's a long string tho and subject to change but i suppose we can iterate over it over time if it breaks.
If we do add this logic, id feel better with a shorter string and a regex. That's probably overkill.
@runatlantis/maintainers thoughts on this magic string solution and root issue?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm ok with the string, I found it a bit shocking the API does not return something more programmatic like a bool or something else.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can list all protected branches for a repo and check current
https://github.com/google/go-github/blob/master/github/repos.go#L1214
Not sure if it's an efficient way of dealing with this though
Thank you @tpolekhin for the pr. I do not think this closes issue #3268 completely until we can also check for 404 not found on the branch protection endpoint (due to non admin perms). Is that something you can also tackle within this pr? Or should be done in a follow up? |
that is actually a tricky one, because 404 Not Found could mean 2 things:
It doesn't feel right to treat 2 as if branch is not protected because it can lead to errors later down the chain when incorrect merge method will be chosen. |
I was thinking that if a 404 was returned from the api, then we could have an info message after the stack trace
Or similar. This way people would be more inclined to try one of those methods before reaching out to a github issue |
@tpolekhin can you confirm if works end to end in your own setup? Even though it's a simple fix and contains tests, id like to double check. Sometimes when we ask this question, people try it out and find other problems with the pr and then can catch it in time |
@nitrocode fair. I did run a test on a free private repository without a protected branch without issues. Apply and merge logs:
|
Thank you @tpolekhin ! |
@tpolekhin this was reverted due to a breaking change. See the related pr #3321 |
* fix: github branch protection not supported * fix: typo protectionAvailable
* fix: github branch protection not supported * fix: typo protectionAvailable
Reverts "fix(github): branch protection not supported (runatlantis#3276)" Reverts "fix: allow Require Linear History when selecting merge method (runatlantis#3211)" Closes runatlantis#3320
* fix: github branch protection not supported * fix: typo protectionAvailable
Reverts "fix(github): branch protection not supported (runatlantis#3276)" Reverts "fix: allow Require Linear History when selecting merge method (runatlantis#3211)" Closes runatlantis#3320
what
why
tests
make test
make build
references