Branch protection, can still be pushed

[ghostman-git]

Description

Branch protection, can still be pushed

Gitea Version

1.19.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

docker

How are you running Gitea?

docker

Database

MySQL

[wxiaoguang]

Are you admin?

[ghostman-git]

Are you admin?

yes

[wxiaoguang]

Are you admin?

yes

yes, so you can bypass that rule. That's by design.

Update: maybe I read it wrong.

[lunny]

I cannot reproduce that.

I don't think the site admin can bypass that rule.

[ghostman-git]

我无法重现这一点。

我认为网站管理员无法绕过该规则。

你是管理员吗？

是的

~是的，所以你可以绕过这条规则。这是设计使然。~

更新：也许我看错了。

Are you admin?

yes

~yes, so you can bypass that rule. That's by design.~

Update: maybe I read it wrong.

Upgrade from previous version to v1.19.1

[ghostman-git]

I cannot reproduce that.

I don't think the site admin can bypass that rule.

Upgrade from previous version to v1.19.1

[wxiaoguang]

What's your app.ini config / local git repo config (remote) / push command? and what's the response?

---

And one more question, can you reproduce it with a new / clear installation?

[ghostman-git]

What's your app.ini config / local git repo config (remote) / push command? and what's the response?

And one more question, can you reproduce it with a new / clear installation?

1. app.ini

   
   APP_NAME = Gitea: Git with a cup of tea
   RUN_MODE = prod
   RUN_USER = git

[repository] ROOT = /data/git/repositories

[repository.local] LOCAL_COPY_PATH = /data/gitea/tmp/local-repo

[repository.upload] TEMP_PATH = /data/gitea/uploads

[server] APP_DATA_PATH = /data/gitea DOMAIN = 192.168.31.244 SSH_DOMAIN = 192.168.31.244 HTTP_PORT = 3000 ROOT_URL = http://192.168.31.244:3000/ DISABLE_SSH = false SSH_PORT = 22 SSH_LISTEN_PORT = 22 LFS_START_SERVER = true LFS_CONTENT_PATH = /data/git/lfs LFS_JWT_SECRET = 123 OFFLINE_MODE = true

[database] PATH = /data/gitea/gitea.db DB_TYPE = mysql HOST = localhost:3306 NAME = gitea USER = PASSWD = LOG_SQL = false SCHEMA = SSL_MODE = disable CHARSET = utf8mb4

[indexer] ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve

[session] PROVIDER_CONFIG = /data/gitea/sessions PROVIDER = file

[picture] AVATAR_UPLOAD_PATH = /data/gitea/avatars REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars DISABLE_GRAVATAR = true ENABLE_FEDERATED_AVATAR = false

[attachment] MAX_SIZE = 3072 ALLOWED_TYPES = / PATH = /data/gitea/attachments

[log] ROOT_PATH = /data/gitea/log MODE = file LEVEL = info ROUTER = file ROUTER_LOG_LEVEL = file

[security] INSTALL_LOCK = true SECRET_KEY = 123 INTERNAL_TOKEN = 123 PASSWORD_COMPLEXITY = off

[service] DISABLE_REGISTRATION = true REQUIRE_SIGNIN_VIEW = true REGISTER_EMAIL_CONFIRM = false ENABLE_NOTIFY_MAIL = true ALLOW_ONLY_EXTERNAL_REGISTRATION = false ENABLE_CAPTCHA = false DEFAULT_KEEP_EMAIL_PRIVATE = false DEFAULT_ALLOW_CREATE_ORGANIZATION = true DEFAULT_ENABLE_TIMETRACKING = true NO_REPLY_ADDRESS = noreply.localhost

[oauth2] JWT_SECRET = 123

[mailer] ENABLED = true HOST = smtp.exmail.qq.com:465 FROM = hxat@bjhxat.com USER = hxat@bjhxat.com PASSWD = ****

[openid] ENABLE_OPENID_SIGNIN = false ENABLE_OPENID_SIGNUP = false

2. git push

git push upstream/dev

3.  Not tested yet, deploying testing

[wxiaoguang]

Not tested yet, deploying testing

Any progress?

[ghostman-git]

Not tested yet, deploying testing

Any progress?

The latest version is fine, but the upgrade from the original version will not work.

[lunny]

Could you run ./gitea doctor?

[wxiaoguang]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

[ghostman-git]

Could you run ?./gitea doctor

How to run？

./gitea doctor

[wxiaoguang]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried gitea doctor and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.gitea doctor

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

Use http, invalid

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.gitea doctor

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

There are some warnings about data table columns in the log at startup, I don't know if it affects it

[lunny]

Those logs will not affect anything.

[ghostman-git]

[gwynlionhart]

I am having the same issue with Gitea version 1.19.3. Using docker.

1. Initialize Gitea as some admin user "admin"
2. Create an organization "org"
3. Create a Team "team" in that organization with write permissions to Code
4. Create a user and put them in the "team" Team.
5. Create a repository "test" in that organization and initialize the "main" branch
6. Go to the repo setting, then Branches, then Add New Rule for branch protection
7. Set Protected Branch Pattern to "main"
8. Disable Push
9. Required approvals:1
10. Block merge on rejected reviews
11. Save Rule
12. Clone the repo as the test user
13. Edit the readme file, commit it
14. git push See below output of the git push

user@workstation MINGW64 ~/projects/test (main)
$ git push
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Writing objects: 100% (3/3), 253 bytes | 253.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To https://git-website.com/git/org/test.git
   ea12f0d..54c30fa  main -> main

[Zettat123]

Upgrade from previous version to v1.19.1

Which version did you upgrade to v1.19.1 from?

[ghostman-git]

Upgrade from previous version to v1.19.1

Which version did you upgrade to v1.19.1 from?

It may be gradually upgraded from v1.14.8, basically every version will be upgraded, but it is not clear which version to start from. This can be used well.

[GiteaBot]

We close issues that need feedback from the author if there were no new comments for a month. :tea: