Skip to content

Commit

Permalink
Branch protection remediation now uses default branch if none provide…
Browse files Browse the repository at this point in the history
…d. (#3436)

Branch protection remediation now checks if branch name is empty and gets the default branch if available.
If both are unavailable, remediation is skipped.


Co-authored-by: Juan Antonio Osorio ozz@stacklok.com
Fixes #3430
  • Loading branch information
blkt authored May 27, 2024
1 parent 64a22e8 commit db00a0f
Showing 1 changed file with 12 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,18 @@ func (r *GhBranchProtectRemediator) Do(
return nil, fmt.Errorf("error reading branch from params: %w", err)
}

// This check avoids passing around an empty branch name which
// causes issues down the road. Besides, it does not make
// sense to protect what does not exist. (cit. Ozz 2024-05-27)
if branch == "" && repo.DefaultBranch == "" {
return nil, fmt.Errorf("both rule param and default branch names are empty: %w", engerrors.ErrActionSkipped)
}
// This sets the branch to the default one of the repository
// in case no branch is configured via rule parameters.
if branch == "" {
branch = repo.DefaultBranch
}

// get the current protection
res, err := r.cli.GetBranchProtection(ctx, repo.Owner, repo.Name, branch)
if errors.Is(err, github.ErrBranchNotProtected) {
Expand Down

0 comments on commit db00a0f

Please sign in to comment.