Removing and adding branch protection REST API issue
Summary
We cannot programmatically create a GitLab project via REST API, remove initial branch protection and then re-add branch protection with correct settings.
Steps to reproduce
- Create a project using GitLab REST API (post to https://gitlab.com/api/v4/projects)
- This results in a 200
- Remove main branch protection using GitLab REST API (delete to https://gitlab.com/api/v4/projects/${projectId}/protected_branches/main)
- This initially results in a 500 but is actually successful
- Retries then occur and a subsequent call fails with a 404 because the removal succeeded originally
- If we then attempt to re-add branch protection using GitLab REST API (post https://gitlab.com/api/v4/projects/${projectId}/protected_branches) the result is a 500 error but again the call has actually succeeded
Example Project
- https://gitlab.com/beacon-devops/website-widget-service/website-widget-service-scheduled-trigger-lambda-deleted-46692176
- https://gitlab.com/beacon-devops/website-widget-service/website-widget-service-scheduled-trigger-lambda-deleted-46692070
- https://gitlab.com/beacon-devops/website-widget-service/website-widget-service-scheduled-trigger-lambda-deleted-46691513
- https://gitlab.com/beacon-devops/website-widget-service/website-widget-service-scheduled-trigger-lambda-deleted-46671198
- https://gitlab.com/beacon-devops/website-widget-service/website-widget-service-scheduled-trigger-lambda-liLGD (restored deleted project)
What is the current bug behavior?
- Calls to the remove main branch protection using GitLab REST API (delete to https://gitlab.com/api/v4/projects/${projectId}/protected_branches/main) result in a 500 (but are actually successful)
- Calls to re-add branch protection using GitLab REST API (post https://gitlab.com/api/v4/projects/${projectId}/protected_branches) result in a 500 error but again the call has actually succeeded
What is the expected correct behavior?
- Both calls should result in a 200
Relevant logs and/or screenshots
Initial call
{
"message": "Request failed with status code 500",
"name": "AxiosError",
"config": {
"transitional": {
"silentJSONParsing": true,
"forcedJSONParsing": true,
"clarifyTimeoutError": false
},
"transformRequest": [
null
],
"transformResponse": [
null
],
"timeout": 30000,
"xsrfCookieName": "XSRF-TOKEN",
"xsrfHeaderName": "X-XSRF-TOKEN",
"maxContentLength": -1,
"maxBodyLength": -1,
"env": {},
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"PRIVATE-TOKEN": "REMOVED-AS-PRIVATE",
"User-Agent": "axios/0.27.2"
},
"method": "delete",
"url": "https://gitlab.com/api/v4/projects/46695135/protected_branches/main",
"axios-retry": {
"retryCount": 0,
"lastRequestTime": 1686219840672
}
},
"code": "ERR_BAD_RESPONSE",
"status": 500
}Subsequent call
{
"message": "Request failed with status code 404",
"name": "AxiosError",
"config": {
"transitional": {
"silentJSONParsing": true,
"forcedJSONParsing": true,
"clarifyTimeoutError": false
},
"transformRequest": [
null
],
"transformResponse": [
null
],
"timeout": 30000,
"xsrfCookieName": "XSRF-TOKEN",
"xsrfHeaderName": "X-XSRF-TOKEN",
"maxContentLength": -1,
"maxBodyLength": -1,
"env": {},
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"PRIVATE-TOKEN": "REMOVED-AS-PRIVATE",
"User-Agent": "axios/0.27.2"
},
"method": "delete",
"url": "https://gitlab.com/api/v4/projects/46695083/protected_branches/main",
"axios-retry": {
"retryCount": 3,
"lastRequestTime": 1686219701368
}
},
"code": "ERR_BAD_REQUEST",
"status": 404
}Output of checks
This bug happens on GitLab.com /label reproduced on GitLab.com