Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Releasing on protected branch

See original GitHub issue

Hello, thanks for a great tool.

We have a protected master branch becase we want to enforce pull requests reviewes before merging as well as prevent accidental merging to master directly.

Expected Behavior

I would like to be able publish packages no matter if primary branch is protected

Current Behavior

Currently, if user is not administrator, and error is thrown.

Possible Solution

No idea if there is any way around this, but I would appreciate suggestions on how to go around this and keep the primary branch protected.

lerna.json

{
  "packages": [
    "packages/*"
  ],
  "version": "independent",
  "npmClient": "yarn"
}

lerna-debug.log

Are you sure you want to publish these packages? Yes
lerna info git Pushing tags...
lerna ERR! Error: Command failed: git push --follow-tags --no-verify origin master
lerna ERR! remote: error: GH006: Protected branch update failed for refs/heads/master.
lerna ERR! remote: error: At least 1 approving review is required by reviewers with write access.
lerna ERR! To https://github.com/company/repo.git
lerna ERR!  * [new tag]         @company/repo-package@0.3.6 -> @company/repo-package@0.3.6
lerna ERR!  ! [remote rejected] master -> master (protected branch hook declined)
lerna ERR! error: failed to push some refs to ‘https://github.com/company/repo.git’
lerna ERR!
lerna ERR!     at makeError (/Users/{censored}/node_modules/execa/index.js:174:9)
lerna ERR!     at Promise.all.then.arr (/Users/{censored}/node_modules/execa/index.js:278:16)
lerna ERR! Error: Command failed: git push --follow-tags --no-verify origin master
lerna ERR! remote: error: GH006: Protected branch update failed for refs/heads/master.
lerna ERR! remote: error: At least 1 approving review is required by reviewers with write access.
lerna ERR! To https://github.com/company/repo.git
lerna ERR!  * [new tag]         @company/repo-package@0.3.6 -> @company/repo-package@0.3.6
lerna ERR!  ! [remote rejected] master -> master (protected branch hook declined)
lerna ERR! error: failed to push some refs to ‘https://github.com/company/repo.git’
lerna ERR!
lerna ERR!     at makeError (/Users/{censored}/node_modules/execa/index.js:174:9)
lerna ERR!     at Promise.all.then.arr (/Users/{censored}/node_modules/execa/index.js:278:16)
lerna ERR! lerna Command failed: git push --follow-tags --no-verify origin master
lerna ERR! lerna remote: error: GH006: Protected branch update failed for refs/heads/master.
lerna ERR! lerna remote: error: At least 1 approving review is required by reviewers with write access.
lerna ERR! lerna To https://github.com/company/repo.git
lerna ERR! lerna  * [new tag]         @company/repo-package@0.3.6 -> @company/repo-package@0.3.6
lerna ERR! lerna  ! [remote rejected] master -> master (protected branch hook declined)
lerna ERR! lerna error: failed to push some refs to ‘https://github.com/company/repo.git’
lerna ERR! lerna
error Command failed with exit code 1.

Context

I would like to be able publish packages no matter if primary branch is protected or even if user is not an Administrator of the org or repo.

Your Environment

Executable Version
lerna --version 3.10.7
npm --version 6.4.1
yarn --version 1.13.0
node --version v10.15.1
OS Version
macOS 10.14.3

Thank you very much for any suggestions.

Issue Analytics

  • State:open
  • Created 5 years ago
  • Reactions:41
  • Comments:20 (1 by maintainers)

github_iconTop GitHub Comments

27reactions
evocateurcommented, Mar 26, 2019

I would question the necessity of locking master first, frankly. It’s not going to magically protect you from all mistakes.

In any event, as long as you’re willing to sacrifice the specificity that Lerna achieves through git tags, you can run lerna version --no-git-tag-version to prepare a PR (which will bump everything, as you’ve mangled the previous tags through merging), merge that PR into master, and then run lerna publish from-package --yes (maybe in CI? up to you), which does not make a commit or tag and publishes any local packages whose version does not exist in the configured registry.

But again, I would recommend reconsidering what you’re really gaining by locking master, given the tradeoff of losing all relevant git tags and partially-applied publishes.

24reactions
lukasjuhascommented, Mar 27, 2019

Hi @evocateur, thank you for your input and suggestions. And of course thanks for lerna!

I do get your point. The main reason for locking master is to add rules such as :

Require pull request reviews before merging When enabled, all commits must be made to a non-protected branch and submitted via a pull request with the required number of approving reviews and no changes requested before it can be merged into a branch that matches this rule.

And

Require status checks to pass before merging Choose which status checks must pass before branches can be merged into a branch that matches this rule. When enabled, commits must first be pushed to another branch, then merged or pushed directly to a branch that matches this rule after status checks have passed.

The problem is, in our repo, various member of team are contributing to it, including junior staff members that are more likely to make a mistake and e.g. merge PR without a review etc. Although this would be managable, and we could always revert… at scale this might get difficult to keep track of.

I do understand that this is not really problem of lerna but more rules and politics in our team, I was just wondering if there is a way how to keep branch protected and publish packages which I get is not possible at the moment. Now the question is, if someone would take this challenge on, is it possible to achieve this at all?

So I do think being able to lock master does make sense and is common practice, and being to publish via lerna would be a really good feature and would help other people that have been having the same issue.

Thank you

Read more comments on GitHub >

github_iconTop Results From Across the Web

About protected branches - GitHub Docs
You can protect important branches by setting branch protection rules, which define whether collaborators can delete or force push to the branch and...
Read more >
Protected branches - GitLab Docs
Require everyone to submit merge requests for a protected branch · On the top bar, select Main menu > Projects and find your...
Read more >
How to set up Git branch protection rules - Spectral
Step 1: Navigate to your repository homepage at Github. · Step 2: Click on the Add Rule option as shown below. · Step...
Read more >
How to push to GitHub protected branch via sbt-release plugin?
The flow works as follows: once a PR is reviewed and merged to main (the protected branch), more tests are executed in GitHub...
Read more >
Set Up Branch and Merge Restrictions | JetBrains Space ...
To set up a branch protection rule: · Open the Repository Settings page. · Go to the Protected Branches tab. · Existing rules...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Missing HTTP_NPM_SCOPE header when publishing

Next page

[feature request]run lerna script against staged-files