'How to prevent pushing directly to Master branch in AzureDevOps

User from a group like Build Administrator can access the project from Azure Devops. I need to control the user in that group to upload the file directly to the master branch. The user can manually upload files to all branches except Master. Because my master branch is based on Pull request. How can I implement this? Does it need any permission?

azure-devopsbranchdevops


Solution 1:[1]

There are a few critical branches in your repo that the team relies on always being in good shape, such as your master branch. Require pull requests to make any changes on these branches. Developers pushing changes directly to the protected branches will have their pushes rejected. Thus, following this doc: Improve code quality with branch policies to protect your master branch.

In addition, be reference to this doc: Allow bypassing branch policies without giving up push protection, please note that these 2 permissions(Bypass policies when completing pull requests and Bypass policies when pushing) shouldn’t be granted to your mentioned Build Administrator group for master branch. See: Set branch permissions for details.

Solution 2:[2]

Just to understand,

You want to allow your user to store their files on the master branch ? Which tool are they using to upload ? Visual Studio or just drag & drop ?

Anyway you can have some settings on the azure devops by going on

Azure Devops ---> Your Repository --> Branches --> Select the branch you want to modify and click on the 3 dots (...) --> Select Branch Policies

Solution 3:[3]

As soon as you enable any policy on your default branch changes must be made via pull request.

From the branch policy dialogue

Branch Policies: Note: If any required policy is enabled, this branch cannot be deleted and changes must be made via pull request.

So to disable direct commits follow these steps:

  1. Navigate to project settings (cogwheel)
  2. Repositories > select your repo
  3. Navigate to Policies
  4. In the Branch Policies section select your default branch
  5. Enable any policies that make sense to your use case. Require a minimum number of reviewers might be a good starting point.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Rasmus
Solution 2 Miguel Martin Perez
Solution 3 Matthias Güntert

Related Questions