Branch protection, can still be pushed

[ghostman-git]

Description

Branch protection, can still be pushed

Gitea Version

1.19.1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

docker

How are you running Gitea?

docker

Database

MySQL

[wxiaoguang]

Are you admin?

[ghostman-git]

Are you admin?

yes

[wxiaoguang]

Are you admin?

yes

yes, so you can bypass that rule. That's by design.

Update: maybe I read it wrong.

[lunny]

I cannot reproduce that.

I don't think the site admin can bypass that rule.

[ghostman-git]

我无法重现这一点。

我认为网站管理员无法绕过该规则。

你是管理员吗？

是的

是的，所以你可以绕过这条规则。这是设计使然。

更新：也许我看错了。

Are you admin?

yes

yes, so you can bypass that rule. That's by design.

Update: maybe I read it wrong.

Upgrade from previous version to v1.19.1

[ghostman-git]

I cannot reproduce that.

I don't think the site admin can bypass that rule.

Upgrade from previous version to v1.19.1

[wxiaoguang]

What's your app.ini config / local git repo config (remote) / push command? and what's the response?

---

And one more question, can you reproduce it with a new / clear installation?

[ghostman-git]

What's your app.ini config / local git repo config (remote) / push command? and what's the response?

And one more question, can you reproduce it with a new / clear installation?

1. app.ini

APP_NAME = Gitea: Git with a cup of tea
RUN_MODE = prod
RUN_USER = git

[repository]
ROOT = /data/git/repositories

[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo

[repository.upload]
TEMP_PATH = /data/gitea/uploads

[server]
APP_DATA_PATH    = /data/gitea
DOMAIN           = 192.168.31.244
SSH_DOMAIN       = 192.168.31.244
HTTP_PORT        = 3000
ROOT_URL         = http://192.168.31.244:3000/
DISABLE_SSH      = false
SSH_PORT         = 22
SSH_LISTEN_PORT  = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /data/git/lfs
LFS_JWT_SECRET   = 123
OFFLINE_MODE     = true

[database]
PATH     = /data/gitea/gitea.db
DB_TYPE  = mysql
HOST     = localhost:3306
NAME     = gitea
USER     = ****
PASSWD   = ****
LOG_SQL  = false
SCHEMA   = 
SSL_MODE = disable
CHARSET  = utf8mb4

[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve

[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER        = file

[picture]
AVATAR_UPLOAD_PATH            = /data/gitea/avatars
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
DISABLE_GRAVATAR              = true
ENABLE_FEDERATED_AVATAR       = false

[attachment]
MAX_SIZE      = 3072
ALLOWED_TYPES = */*
PATH          = /data/gitea/attachments

[log]
ROOT_PATH        = /data/gitea/log
MODE             = file
LEVEL            = info
ROUTER           = file
ROUTER_LOG_LEVEL = file

[security]
INSTALL_LOCK        = true
SECRET_KEY          = 123
INTERNAL_TOKEN      = 123
PASSWORD_COMPLEXITY = off

[service]
DISABLE_REGISTRATION              = true
REQUIRE_SIGNIN_VIEW               = true
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = true
ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
ENABLE_CAPTCHA                    = false
DEFAULT_KEEP_EMAIL_PRIVATE        = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING       = true
NO_REPLY_ADDRESS                  = noreply.localhost

[oauth2]
JWT_SECRET = 123

[mailer]
ENABLED = true
HOST    = smtp.exmail.qq.com:465
FROM    = [email protected]
USER    = [email protected]
PASSWD  = ****

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

2. git push

git push upstream/dev

3. Not tested yet, deploying testing

[wxiaoguang]

Not tested yet, deploying testing

Any progress?

[ghostman-git]

Not tested yet, deploying testing

Any progress?

The latest version is fine, but the upgrade from the original version will not work.

[lunny]

Could you run ./gitea doctor?

[wxiaoguang]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

[ghostman-git]

Could you run ?./gitea doctor

How to run？

./gitea doctor

[wxiaoguang]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried gitea doctor and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.gitea doctor

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

Use http, invalid

[ghostman-git]

The latest version is fine, but the upgrade from the original version will not work.

If you create a new repo in your old instance, does its branch protection work?

Tried, invalid

If you have tried and tried the newly create repo, the same problem still exists, from my side I do not have idea for this problem at the moment. It looks like something is out of sync, but it seems need some deep debugging work on your instance.gitea doctor

ps: does protection work for the push over https (not ssh)? if https works, then the problem is highly likely related the ssh part.

There are some warnings about data table columns in the log at startup, I don't know if it affects it

[lunny]

Those logs will not affect anything.

[ghostman-git]

[gwynlionhart]

I am having the same issue with Gitea version 1.19.3. Using docker.

1. Initialize Gitea as some admin user "admin"
2. Create an organization "org"
3. Create a Team "team" in that organization with write permissions to Code
4. Create a user and put them in the "team" Team.
5. Create a repository "test" in that organization and initialize the "main" branch
6. Go to the repo setting, then Branches, then Add New Rule for branch protection
7. Set Protected Branch Pattern to "main"
8. Disable Push
9. Required approvals:1
10. Block merge on rejected reviews
11. Save Rule
12. Clone the repo as the test user
13. Edit the readme file, commit it
14. git push
    See below output of the git push

user@workstation MINGW64 ~/projects/test (main)
$ git push
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Writing objects: 100% (3/3), 253 bytes | 253.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To https://git-website.com/git/org/test.git
   ea12f0d..54c30fa  main -> main

[Zettat123]

Upgrade from previous version to v1.19.1

Which version did you upgrade to v1.19.1 from?

[ghostman-git]

Upgrade from previous version to v1.19.1

Which version did you upgrade to v1.19.1 from?

It may be gradually upgraded from v1.14.8, basically every version will be upgraded, but it is not clear which version to start from. This can be used well.

[GiteaBot]

We close issues that need feedback from the author if there were no new comments for a month. 🍵