Protected Branches are problematic for mirroring
With #9 (closed) we got cloning/mirroring between gitolite and gitlab. Ignoring #36 (moved) for now, it seems we have a problem with using protected branches. Specifically, we configured protected branches for '*' and disable merging via the web interface, and 'Maintainers' are allowed push access. This seemed like it was close enough to what we wanted, however we now have another problem.
remote: remote: GitLab: You can only delete protected branches using the web interface.
remote: To dip.torproject.org:tpo/applications/tor-browser-build
remote: ! [remote rejected] 20254-update-marsigning-check-sh-to-cope-with-signed-os-x-mar-files (pre-receive hook declined)
remote: ! [remote rejected] maint-9.5 -> maint-9.5 (pre-receive hook declined)
remote: ! [remote rejected] refs/merge-requests/2/head (pre-receive hook declined)
remote: ! [remote rejected] refs/merge-requests/3/head (pre-receive hook declined)
remote: ! [remote rejected] refs/merge-requests/3/merge (pre-receive hook declined)Specifically, the description of Protected Branches includes:
- prevent anyone from deleting the branch
- prevent anyone from force pushing to the branch
I guess we need a different approach.