Consider narrowing privileges for push to master
Today we handled an issue where a commit broke builds on master
(see https://gitlab.slack.com/archives/C101F3796/p1571152341290800 for context). The commit was accidentally pushed to master so it didn't have a MR associated with it and therefore it didn't meet the requirement of having its build passing for it to be in master
.
Currently all Maintainer
s have the ability to push to master
. Given that pushing directly to master should be a very rare occurrence (even an emergency change can be made by merging an MR before its pipelines complete) we may want to consider taking a similar approach to the one we have at https://gitlab.com/gitlab-org/gitlab, where only specific groups/users have that privilege.
/cc some random people because I'm not sure who makes this call: @stanhu @tbarr @dawsmith ¯\_(ツ)_/¯