search

devmasx / merge-branch

A GitHub Action that merge PR branch to other branchs
161 stars 58 forks source link

Bypass branch protection rule #26

Closed CWSites closed 2 years ago

CWSites commented 2 years ago

Hi there, I'm trying to merge master back into develop automatically. I've got the configuration setup however my develop branch is protected and requires at least one reviewer and a PR to be submitted. Is there a way to bypass these protection rules when using this action?

Action Config

  merge-branch:
    name: Merge `master` back into `develop`
    runs-on: ubuntu-latest
    needs: [create-release]

    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: merge `master` to `develop`
        uses: devmasx/merge-branch@master
        with:
          type: now
          target_branch: develop
          github_token: ${{ secrets.REPO_ACCESS_TOKEN }}

Error Log

/usr/local/bundle/gems/octokit-4.14.0/lib/octokit/response/raise_error.rb:16:in `on_complete': POST https://api.github.com/repos/digital-ai/dot-components/merges: 409 - protected branch 'develop' check failed: (Octokit::Conflict)
  3 of 3 required status checks are expected. At least 1 approving review is required by reviewers with write access. // See: https://docs.github.com/rest/reference/repos#merge-a-branch
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/response.rb:9:in `block in call'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/response.rb:61:in `on_complete'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/response.rb:8:in `call'
    from /usr/local/bundle/gems/octokit-4.14.0/lib/octokit/middleware/follow_redirects.rb:73:in `perform_with_redirection'
    from /usr/local/bundle/gems/octokit-4.14.0/lib/octokit/middleware/follow_redirects.rb:61:in `call'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/request/retry.rb:130:in `call'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/rack_builder.rb:143:in `build_response'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/connection.rb:387:in `run_request'
    from /usr/local/bundle/gems/faraday-0.17.0/lib/faraday/connection.rb:175:in `post'
    from /usr/local/bundle/gems/sawyer-0.8.2/lib/sawyer/agent.rb:94:in `call'
    from /usr/local/bundle/gems/octokit-4.14.0/lib/octokit/connection.rb:156:in `request'
    from /usr/local/bundle/gems/octokit-4.14.0/lib/octokit/connection.rb:28:in `post'
    from /usr/local/bundle/gems/octokit-4.14.0/lib/octokit/client/commits.rb:214:in `merge'
    from /action/lib/index.rb:31:in `<main>'
CWSites commented 2 years ago

For anyone else that comes looking I was able to bypass this by temporarily disabling and reenabling branch protection rules inside the action using https://github.com/octokit/request-action

oreporan commented 2 years ago

@CWSites Could have written the request-action code saved me some writing :)

CWSites commented 2 years ago

Ah sorry about that @oreporan :)

    steps:
      - name: Get existing branch protection
        id: get_branch_protection
        uses: octokit/request-action@v2.0.24
        with:
          route: GET /repos/[USER OR ORGANIZATION]/[REPO NAME]/branches/[BRANCH NAME]/protection
          mediaType: |
            format: application/json
        env:
          # Uses a personal access token (PAT) from user with admin rights on repo
          GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}

      # The following step will print the existing branch protection rules
      # Only uncomment as needed, there is an error within the echo statement
      # which causes the workflow to fail
      # - run: echo ${{steps.get_branch_protection.outputs.data}}