Skip to content

Create and show protected branches

Problem description

As described in the parent epic &8679 Users want to be able to have standardized workflows across teams and projects and leverage protected branches as a way to do this.

Implementation plan

  1. Update ProtectedBranchPolicy to handle both projects as well as groups.

  2. Create Groups::ProtectedBranchesController similar to Projects::ProtectedBranchesController. This will be used by frontend to create new protected branches for a group.

  3. Update Groups::Settings::RepositoryController and create an instance variable like @protected_branches = @group.protected_branches.order(:name).page(params[:page]). This will be used by the frontend to list the protected branches on the group settings page.

  4. Update the show method of Projects::Settings::RepositoryController to return @protected_branches as well as @protected_group_branches where @protected_group_branches = @project.root_namespace.protected_branches.order(:name).page(params[:page]). Frontend can use the new variable @protected_group_branches to distinguish the protected branches defined at the group level and mark them as locked as per the UI. This should be behind a feature flag.

  5. Add these helper methods to the projects model so that it can be used at other places.

    def group_protected_branches
  root_namespace.protected_branches
end

def all_protected_branches
  protected_branches + group_protected_branches
end

  6. Find and update the usage of project.protected_branches with project.all_branches at the required places in the codebase. This should be behind a feature flag.

Notes:

  • The frontend will need to know whether a protected branch was inherited or not (did it come from a parent group?). We can then use that information to disable it at the project level.
  • The frontend uses patch requests on edit to the projects protected branches controller using the endpoint generated by namespace_project_protected_branch_path(@project.namespace, @project, protected_branch). We will need to replicate this for groups.
  • We have a protected branches REST API and branches REST API but no equivalents in GraphQL. Neither is used by the UI.
  • Do we need to add group-level protected branches to a project's protected branches API and branches API responses? If so we should make sure it as some kind of inherited flag or inherited_from property.
  • If the above, we will need to indicate that a protected branch is locked within the project-level APIs as well. Probably with a locked flag property.
Edited by Song Huang