Could merge a Pull Request without getting reviewer approval

Question

Hello everyone!

In AWS Code Catalyst, I could do merge a PR (without required approver) directly as a contributor. It means that I could a PR without required reviewer and then directly did merge that PR to main branch. It is probably unsecured process. There is not protected branch feature in source repository in Code Catalyst.

How can I overcome this issue?

Thank you!

Answer

Hi,

According to this: https://docs.aws.amazon.com/codecatalyst/latest/userguide/pull-requests-review.html,

> All required reviewers must approve a pull request before it can be merged.
Depending on your screen size and browser, the buttons to approve or merge a pull request might be hidden behind the Additional info information bar.

So it could be that if you do not add any required approves, you can then merge the PR.

You could look into adding IAM policies preventing to merge into a specific branch.

Answer

Hi Alatech,
Thank you for your comment!

In my case, I expected that merging PR should NOT be allowed if that merging skips approver. In other words, merging PR is possible only with approval.
Currently, Code Catalyst is managing users based on Builder ID accounts. As per my information, there is no any relationship between IAM and Builder ID accounts.

May I know any documentation for IAM policies preventing to merge into a specific branch in Code Catalyst?

I highly appreciate your comment.

Thank you!

Could merge a Pull Request without getting reviewer approval

関連するコンテンツ