Create and show protected branches
Problem description
As described in the parent epic &8679 Users want to be able to have standardized workflows across teams and projects and leverage protected branches as a way to do this.
Implementation plan
-
Update
ProtectedBranchPolicy
to handle both projects as well as groups. -
Create
Groups::ProtectedBranchesController
similar toProjects::ProtectedBranchesController
. This will be used by frontend to create new protected branches for a group. -
Update
Groups::Settings::RepositoryController
and create an instance variable like@protected_branches = @group.protected_branches.order(:name).page(params[:page])
. This will be used by the frontend to list the protected branches on the group settings page. -
Update the
show
method ofProjects::Settings::RepositoryController
to return@protected_branches
as well as@protected_group_branches
where@protected_group_branches = @project.root_namespace.protected_branches.order(:name).page(params[:page])
. Frontend can use the new variable@protected_group_branches
to distinguish the protected branches defined at the group level and mark them as locked as per the UI. This should be behind a feature flag. -
Add these helper methods to the
projects
model so that it can be used at other places.def group_protected_branches root_namespace.protected_branches end def all_protected_branches protected_branches + group_protected_branches end
-
Find and update the usage of
project.protected_branches
withproject.all_branches
at the required places in the codebase. This should be behind a feature flag.
Notes:
- The frontend will need to know whether a protected branch was inherited or not (did it come from a parent group?). We can then use that information to disable it at the project level.
- The frontend uses patch requests on edit to the projects protected branches controller using the endpoint generated by
namespace_project_protected_branch_path(@project.namespace, @project, protected_branch)
. We will need to replicate this for groups. - We have a protected branches REST API and branches REST API but no equivalents in GraphQL. Neither is used by the UI.
- Do we need to add group-level protected branches to a project's protected branches API and branches API responses? If so we should make sure it as some kind of
inherited
flag orinherited_from
property. - If the above, we will need to indicate that a protected branch is locked within the project-level APIs as well. Probably with a
locked
flag property.