Looping when branch protection disallows merge commits

[alex-mckenna]

Recently we've seen that on repositories where branch protection forbids merge commits into master, hoff can loop (since it attempts to fast-forward merge on successful builds). GitHub has an API for checking the protection on a branch, we should check that the branch hoff will merge into has compatible permissions.

Since branch protection configuration can change, we should either listen for changes in branch protection rules if possible, or check at the start of every hoff merge. If branch protection rules would prohibit hoff from merging, it should comment this on the PR so users are aware.

[fatho]

The more general problem is that we treat every failed push as a conflicting commit to master, and thus as a reason to retry:

https://github.com/channable/hoff/blob/266379ed8eb44cbe311766ed9f04897cad812623/src/Logic.hs#L808-L823

I'd say we should instead whitelist the causes that are know to be fixable by retrying, and give up on the PR (with a comment) in all other cases. Then we also wouldn't necessarily need custom logic for detecting branch protection rules - depending on how good the error messages are we get back from a failed push.