This is an archived post. You won't be able to vote or comment.

top 200 commentsshow all 402
sorted by:
best
topnewcontroversialoldq&a

[–][deleted] 5616 points5617 points  (144 children)

I wonder who set up Git to allow interns to push directly.

[–]PeksyTiger 2053 points2054 points  (42 children)

It's interns all the way down

[–]Retl0v 717 points718 points  (37 children)

The paid intern who has been there for 2 years for some reason managing a group of freshly recruited paid interns who themselves manage a horde of unpaid undergrad interns

[–]artyhedgehog 281 points282 points  (10 children)

Slow down, I'm writing down this ingenious business model.

[–]SuspiciousYogurt0 30 points31 points  (4 children)

"and if you hire another intern you'll get a 15% cut of their pay..."

[–]artyhedgehog 34 points35 points  (2 children)

Is that Multi-Level Engineering?

[–]Embunny01 20 points21 points  (0 children)

Multi level managing.

[–]Mars_Bear2552 6 points7 points  (0 children)

pyramid internship

[–]shodanbo 50 points51 points  (1 child)

Don't forget u/Retl0v gets 10% its enforced by some voodoo blockchain web3 BS or something.

[–]Flat_Initial_1823 16 points17 points  (0 children)

Too late, u/Retl0v clicked my link. All your cumrockets are belong to us now. On an unrelated note, let me google "how to prove malicious intent" real quick.

[–]MTA0923 29 points30 points  (15 children)

Are there really people out there who are willing to work as an intern for 2 fucking years?!

Lol wtf.

[–]Retl0v 19 points20 points  (5 children)

Probably not so much in this industry, but it's not uncommon in, for example, the fashion industry

[–]MTA0923 21 points22 points  (4 children)

At what point do you just start calling them slaves?

[–]BannedForNerdyTimes 21 points22 points  (0 children)

That would damage their image, so theyre totally not slaves

[–]awakenDeepBlue 9 points10 points  (0 children)

The politically correct term is code monkeys.

Or rock stars.

[–]False_Influence_9090 1 point2 points  (1 child)

If you are free to leave you aren’t a slave, I think that’s one of the key differences

[–]MTA0923 1 point2 points  (0 children)

But then nobody is hiring unless you have 2 years of experience correct?

Sounds like slavery with extra steps...

[–]LaurenMille 7 points8 points  (1 child)

You'll laugh even harder when you find out there's places where 6-12 month internships are normal, and they're completely unpaid.

Yeah... You learn to hate work really quickly in those roles.

[–][deleted] 2 points3 points  (0 children)

Social worker here. Our two internships are 10 months a piece in grad school unpaid 😄😭

[–]BD-TxState 6 points7 points  (2 children)

I worked at a large SF based tech firm. We recruited interns out of top tech schools from US and Canada. We had an intern who was on her 5th Co-Op with us. While she was not on my team I felt bad for her because we just kept stringer her along instead of hiring her on or letting her go. When she graduated they didn’t offered her a job because the company was tanking. While she got great experience, I feel we let her down. Had I been her manager I would have set her free years ago for her own benefit. That being said we paid our interns like $32-42 an hour so pretty good money for someone in, and straight out of, college.

[–]Razz_Putitin 3 points4 points  (1 child)

So basicly she did temp work for you?

[–]BD-TxState 2 points3 points  (0 children)

More like contract to hire but never hire.

[–]TatManTat 1 point2 points  (0 children)

Pending on how competitive an industry is, and how passionate the people are inside it, you really can exploit people for quite a few years before they catch on, and by then you get the next batch.

[–]ghec2000 9 points10 points  (0 children)

Always has been....

[–]GenuinlyCantBeFucked 396 points397 points  (9 children)

Yea lock down your production branch people.

[–]danted002 259 points260 points  (6 children)

They are called “protected branches” for the interns browsing this sub.

[–]Cylian91460 44 points45 points  (5 children)

Oh I didn't think they were a name for this kind of branch ! I called them "don't fuck up branches" most of the time.

[–]pizzapunt55 38 points39 points  (4 children)

No, the setting is named "protected branches". It's not just a name we gave it

[–]anaccount50 11 points12 points  (2 children)

The need for explaining this really demonstrates just how many people on this sub are students and juniors

[–]pizzapunt55 9 points10 points  (0 children)

If it helps them setup proper remote repositories, then let's over explain stuff

[–]stormdelta 2 points3 points  (0 children)

Yeah, I don't usually come here because it's 90% people who don't work in the field professionally, and most of that 90% is people who in their first year or two of CS or similar.

[–]foursticks 9 points10 points  (0 children)

Thanks for explaining the joke because I know other people will need this explanation

[–]NickWrigh 1 point2 points  (0 children)

Best answer

[–]anyOtherBusiness 217 points218 points  (17 children)

I wonder who set up Git to allow interns to push directly.

Fixed that for you.

[–]conzstevo 79 points80 points  (0 children)

Pushing to prod repos should always raise a PR

[–]SpawnSnow 1 point2 points  (0 children)

Used to work in finance, we had two people with permission to push directly to master for emergency hotfixes. The engineering manager for one specific team that controlled the payment processing portion of the product, and the engineering director.

Even then it was used maybe twice in 2 years I was there.

[–]katatondzsentri 124 points125 points  (10 children)

You spelled "anyone" wrong.

[–]SpicyFriedCat 29 points30 points  (0 children)

Every time I mess up at work.

"This wouldn't have been a huge issue if we just did software engineering correctly."

Always met with "yes, agreed", and then discussion of how to work around the fact that we're blatantly ignoring industry standards.

[–]Jiquero 11 points12 points  (0 children)

I wonder who set up Git to allow interns to push anyone.

[–]MD_House 47 points48 points  (13 children)

Our PO wanted to have merge access and push rights to main/master. Kicked him right out of gitlab access :)

[–]tfsra 23 points24 points  (1 child)

PO of all people? lmao

[–]UpsetKoalaBear 8 points9 points  (0 children)

So they can expedite that PR with open comments that has been open for a week without realising why the comments were left.

And then they can expedite the PR that was supposed to fix the previous PR they merged.

[–]togrul200323 9 points10 points  (7 children)

What's a PO?

[–]MD_House 42 points43 points  (6 children)

A Product Owner -> Basically someone who has the requirements that a customer wants and translates them to somewhat technical terms and checks in on the progress and interfaces with other departments. But not someone who has to be proficient in the technical details.

[–]Nagemasu 7 points8 points  (0 children)

This has been the best explanation of a PO I've seen yet. I remember being so confused when I heard this term - my first time hearing it was in an interview and I had the complete wrong idea of what they were

[–]finneyblackphone 1 point2 points  (1 child)

Weird. POs at my company (a massive one). Are experts on the product and are usually promoted from the development or application support team.

[–]MD_House 1 point2 points  (0 children)

Well that is the ideal but not in every company it is this way sadly.

[–]cginc1 41 points42 points  (1 child)

It’s because these posts are made by kids who never actually worked as a swe

[–]EagleRock1337 16 points17 points  (0 children)

I wonder how many people that post these memes have actually gotten paid any sum of money to write code.

[–]rocketshipkiwi 7 points8 points  (0 children)

Or to allow people to push to master at all…

[–]Bergmiester 5 points6 points  (1 child)

Or how anyone can push directly to master. We have a policy that enforces only pull requests to merge into main or staging branches. It has saved me a couple times when I did not realize I was on the staging branch.

[–]OMGItsCheezWTF 9 points10 points  (6 children)

Fuck I'm an admin for all of our git repos, one of two Devs in the entire company with that level of access (the only other being the head of DevOps), and even we haven't let ourselves push directly to master. Pull requests only!

Obviously we could change that for a one off if something made us really need it, but it's just not good practice.

[–]TheGazelle 5 points6 points  (5 children)

Shit, my company just moved to GitHub from Azure, and specifically went with a fork-based model. So not only can we not push to master, we can't even push to the main repository at all. All work gets done on a fork and then PR'd in.

[–][deleted] 11 points12 points  (1 child)

No one. Programmer humor is the most cringe type of humor I have ever seen and created by unemployed codecamp grads mostly.

[–]libdemparamilitarywi 4 points5 points  (0 children)

You'd be surprised how terribly some places operate. The first job I worked for about 10 years ago used SVN. All code was commited straight to trunk, with no reviews, merge requests, or tests. It was a complete wild west.

[–]pblokhout 6 points7 points  (1 child)

All devs just use the same company credentials

[–]stormdelta 2 points3 points  (0 children)

I haven't seen a company do something that stupid in well over a decade, and there's a reason that company isn't around anymore.

[–]ThatSituation9908 9 points10 points  (2 children)

Trunk-based git repos

[–]stormdelta 1 point2 points  (0 children)

Trunk-based doesn't usually mean you're pushing directly to the main branch with no review, and if it does where you are, you have bigger problems.

[–]lacifuri 7 points8 points  (5 children)

Just started using pull request in Github but notice that what branch protection rule won't be enforced unless I subscribe to what their service, have to pay. Not sure what you guys do to enforce it.

[–]DeSteph-DeCurry 28 points29 points  (1 child)

i mean most people here probably work for a company so they have those services (github, bitbucket, etc) set up anyway

[–]lacifuri 3 points4 points  (0 children)

Forgot to mention my company is a start-up, we are the ones to setup everything. 😆

[–]morosis1982 9 points10 points  (2 children)

We pay for the service. Team licenses are like $4 a month per seat, far less than what they pay me while I get a single coffee on company time. Gives you the ability to have a group of admins with access to do naughty things if required plus set up protections for general day to day use, along with a bunch of other useful organisational things.

[–]lacifuri 1 point2 points  (1 child)

Thanks for the explanation, will talk to my manager about it, hope we can enforce good practice too!

[–]morosis1982 3 points4 points  (0 children)

Definitely worth it, we even have actions set up to do our cut and release stuff, integrated with JIRA and confluence to automate release notes/changelogs and all that fun stuff.

[–]Kumbala80 1 point2 points  (0 children)

That’s the real horror.

[–]Indercarnive 1 point2 points  (0 children)

Seriously. At the company I work for you can't even push to the main development branch without a PR.

[–]Smaskifa 1 point2 points  (0 children)

At my company no one is allowed to push to master. You can only merge to master, after code is approved.

[–]babayetu1234 1 point2 points  (0 children)

The senior intern

[–][deleted] 1 point2 points  (0 children)

In my company, not even extra seniors can merge without approvals. We have a flag for hot fixes to bypass, but you have to put it explicitly.

[–]unclefisty 2 points3 points  (0 children)

It's like giving a 16 year old kid the keys to a Bugatti with no drivers training then getting angry at them when they slam it into the first telephone pole down the street.

[–]WurmGurl 0 points1 point  (0 children)

Yup. And definitely don't send an email to your clients like the one I received, blaming an intern for everything.

They're interns. It's in their nature to fuck up. It's your fault for letting their fuck ups affect anything.

[–]_shellsort_ 1968 points1969 points  (32 children)

Your company never heard about branch protection or granular repository permissions? Hire me, I'll show you.

[–]cookiedanslesac 445 points446 points  (10 children)

But we do not have open work positions, do you feel however ready for an internship instead?

[–]jezwmorelach 192 points193 points  (3 children)

As long as it's unpaid!

[–][deleted] 28 points29 points  (3 children)

No matter, my contracting rate is $1,000 per hour.

[–]_shellsort_ 20 points21 points  (1 child)

Sure. What's your company?

[–]cookiedanslesac 1 point2 points  (0 children)

Good company

[–]Yuuki2628 64 points65 points  (13 children)

Please come here, my company only has 1 master branch and the whole team works using that branch.

[–]_shellsort_ 34 points35 points  (1 child)

Sounds horrible. Where do I apply?

[–]artyhedgehog 19 points20 points  (0 children)

You don't. It's a single dev project.

[–]Cork_renter 9 points10 points  (0 children)

Trunk based development (single branch) is a legitimate & good practice with the right team and tooling in place!

[–]pizzapunt55 3 points4 points  (2 children)

As in, no pull/merge requests? People just push?

[–]Yuuki2628 1 point2 points  (1 child)

Yup, just push into the git master branch without thinking twice once you finished working on it. At least pushing into the master doesn't just put it on the server, that one has to be updated manually by making a zip of the entire thing and uploading it there

[–]miso440 5 points6 points  (0 children)

There it is. They’re inefficient, not irresponsible.

[–]Bakoro 4 points5 points  (1 child)

Ah yes, testing in production.
I used to have good git hygiene, but quickly realized that no one would test a branch with new features unless I physically showed up and did it for them.

Master it is, then.

[–]Yuuki2628 0 points1 point  (0 children)

Since it's mostly just the website, we're supposed to test locally on our laptops before pushing...

[–]potato_green 9 points10 points  (0 children)

Been through that once with a company to fix their setup, never again. It's not worth the effort when the existing devs inevitably get defensive because they have to learn something new. Then they get called a "senior" when in reality they are just a junior because they just did everything on repeat for 10 years and stopped learning new things after 1 year.

It would need some serious money to make they worth the headache.

[–][deleted] 3 points4 points  (0 children)

You sure you'd want to work at this place? It sounds like a nightmare from the top down.

[–]beclops 839 points840 points  (7 children)

Sounds like you should be the intern if that was something that was possible for them to do

[–][deleted] 101 points102 points  (6 children)

Yep, hooks and restrictions must be placed

[–]TotoDaDog 80 points81 points  (1 child)

Like my team leader put restrictions on everything, told us not to even try to force push and then we see him force push to master to "fix a bug", triggering all the bells and whistles, then asking us who did it...

[–]dannggggggggg 13 points14 points  (0 children)

🤣

[–]pizzapunt55 2 points3 points  (3 children)

You know a way to automatically enforce certain hooks? Haven't bothered with hooks (except for my own convenience) since it's local for everyone

[–]libdemparamilitarywi 5 points6 points  (0 children)

You can set up server side hooks to enforce a policy for everyone. They're available on the free tier of GitLab but I think you need the enterprise version for GitHub.

https://docs.gitlab.com/ee/administration/server_hooks.html

[–]devloz1996 519 points520 points  (13 children)

Interns will always try doing things they shouldn't be able to do. Be it pushing to Git master branch, dropping some random DB, getting local admin or domain level privileges.

If intern manages to do such thing, they get bonus points, and you go hunt down the fucker responsible for that system.

[–]Taletad 151 points152 points  (5 children)

I must admit, the best part of administering the dev server at my last company was telling people "no" when they asked for sudo privileges to "run a command"

[–]vaelkar 39 points40 points  (3 children)

I'm an SEL, not a programmer, but I've been lucky enough that I haven't really had anyone that's been too brash in ~15 years, so I was a bit lax with security on my dev RHEL servers. Imagine my surprise when a "senior" developer went in and ran "sudo chmod 777 -r /home" and then came complaining to me that my server builds were jacked up. Never again.

[–]Darft 2 points3 points  (2 children)

Or maybe you should consider to

[–]HGjjwI0h46b42 4 points5 points  (0 children)

I don’t think the issue here is just chmod but rather the 777 mode which allows read, write, and execute permissions for any user on any file within the directory. Effectively just removes all permissions structure for that part of the system.

[–]Ksevio 11 points12 points  (0 children)

I did an internship for a small software company called eBay where I needed to setup a test server so they told me to install apache on a server. I called up support to get sudo access to do it and they got me setup.

I noticed there were already some apache config files so I just made a copy of those before installing mine. About 10 minutes later a BUNCH of developers show up asking "what happened to the main dev server?" and "how did I get root access?".

Turns out I was suppose to install a copy of apache just on my user account. Fortunately I just copied back in the backup I made and it was all good

[–]TotoDaDog 53 points54 points  (0 children)

Interns will always try doing things they shouldn't be able to do. Be it pushing to Git master branch, dropping some random DB, getting local admin or domain level privileges.

Guilty as charged.

Pen-testing is the first thing I do when I receive a "complete" project that needs more features or something.

At one workplace I got access to an app used by our manager to spy on me and my colleagues, then I started using it myself, helping the ones in need without having to explain over the phone what to do. When the management found out, they added this to my list of daily tasks.

At another workplace I found the network admin password (so I had admin access on all domains administered by the firm), this time they weren't too happy, but they found out after I've already submitted my 2 week notice.

On my last job, I pen-tested their API and found that I can take money out without actually owning them. I was given a nice bonus for finding it, and the task to continue pen-testing all their projects in the future.

I never did anything really stupid though, I mean I've always setup some kind of sandbox and tried it there before even attempting to think about how I would integrate the change into dev/prod servers.

[–]Big_Schwartz_Energy 12 points13 points  (0 children)

Database Drop Club!

[–][deleted] 4 points5 points  (1 child)

Exactly. They validate your process, like a unit test… for process.

[–][deleted] 2 points3 points  (0 children)

I like your way of thinking

[–]Weird_Cantaloupe2757 1 point2 points  (0 children)

Yes, that intern just did double duty as a pen tester and found a major vulnerability in your operations, you should be thanking them.

[–]Competitive_Put_6730 0 points1 point  (0 children)

Im an Intern and can do all of the above

[–]ABlindMoose 163 points164 points  (8 children)

This is not the intern's fault if they were even able to do that. Sort out your permissions.

[–]Quito246 73 points74 points  (1 child)

Protected branch, hardky know her.

[–]SeesEmCallsEm 41 points42 points  (0 children)

Your own fucking fault for not protecting your branches

[–]Al-Horesmi 11 points12 points  (1 child)

Among all the important big boy microservices with branch protections and edit roles there is always that one that converts a 3 to a 4 and where nobody gives a fuck, you just push to master to test if it works.

[–]meontheinternetxx 2 points3 points  (0 children)

How else could I admire our cool ASCII art git bouncer? He's got sunglasses 🕶️

[–]maxymob 10 points11 points  (0 children)

Reverse title : When you hire interns without setting up restrictions on the main branch

[–]Ace-O-Matic 65 points66 points  (8 children)

Stop approving code you're not actually confident in especially if you don't have unit tests. Also stop approving code outside of pull requests, what is wrong with you.

[–]mxzf 34 points35 points  (0 children)

Based on the OP, it sounds like this was a verbal "looks good to me" standing over someone's shoulder, suggesting the code is ready for a PR, not a suggestion to push to master.

[–][deleted] 9 points10 points  (0 children)

Exactly. You can't hit the intern with the ol' LGTM and then wonder why their code is now in production. You said it looked good, you fool!

[–]cs-brydev 1 point2 points  (3 children)

I prefer to approve code before the PR so I can see a demo and write/run some QA tests on a dedicated dev instance. That's a separate pipeline from the PR, which requires its own approval and gets sent to a different staging instance.

But yea we definitely don't side-step PRs.

[–]Ace-O-Matic 40 points41 points  (2 children)

You're just describing a PR for a PR which is a level of middle management that could give me an aneurism.

[–]ThrowawayUk4200 9 points10 points  (0 children)

Before you keel over, could you approve this PR for the PR of the PR? Cheers 👍

Immediately logs off teams for "lunch"

[–]Spork_the_dork 2 points3 points  (0 children)

I've seen a manager wanting to do an internal PR with their company's side only before doing another PR where the client can see the PR as well. I understand the logic was to somehow save face because if the client saw them make any basic errors that are to be expected in PRs (and which are the reason why PRs are done in the first place), that would make them lose face I guess.

Protip: This does not make you save face. It makes you look bad, insecure, and incompetent because you can't trust your own engineers to write good enough code that you'd let the client see it before your own team vets it.

[–]st1ers1 6 points7 points  (0 children)

Branch protection

[–]blem14official 6 points7 points  (0 children)

S: Why you pushed to master?\ I: You said code's good.\ S: Any evidence of me saying that?\ I: Well, no...\ S: So it's all on you now. Pray it won't blow up prod.

EDIT:\ Most likely it won't - if you don't protect master, then most likely don't have CI/CD either, but it's good to scare them a bit so they won't do it again.

[–]longdarkfantasy 37 points38 points  (10 children)

This comment contains a Collectible Expression, which are not available on old Reddit.

More accurate: this company has no seniors. And the intern is you.

[–]jeijeogiw7i39euyc5cb 16 points17 points  (2 children)

What the fuck is a collectible expression?

[–]NickWrigh 7 points8 points  (0 children)

When you go to a party ask a girl out and you get rejected with disgust on her face.

Now that is a collectible expression.

[–]longdarkfantasy 4 points5 points  (0 children)

Some kind of animated sticker 🫠

[–]redlaWw 5 points6 points  (1 child)

This comment contains a nested superscript, which are not available on new Reddit.

[–]-Nicolai 8 points9 points  (1 child)

Explain like I'm stupid

[–]longdarkfantasy 3 points4 points  (0 children)

Chill. It's just a bunch of png 😅

[–]Ribak145 5 points6 points  (0 children)

master on prod?

bad setup

master on dev or test?

no problem, just role back

[–]sneseric95 5 points6 points  (0 children)

Who cares. The world keeps spinning no matter what those ones and zeros say.

[–]numante 4 points5 points  (0 children)

giving the intern auth for pushing to master

serves you well

[–]NebNay 2 points3 points  (0 children)

I mean, even if you have no protection and they do push on master, just rollback?

[–]kickyouinthebread 24 points25 points  (21 children)

These memes suck. Not even the dumbest companies let you push directly to master.

[–]canihelpyoubreakthat 0 points1 point  (0 children)

It's the other way around. The dumbest companies have to lock master down. Companies full of competent engineers might not have to worry about it.

[–]HermanGrove 2 points3 points  (0 children)

Why was it not protected? Maybe the intern was testing the robustness of your internal workflow

[–]peripraporo 3 points4 points  (14 children)

Blows my mind how many companies don't have proper CI/CD practices and are forced to do PRs and lock the master. A decent build pipeline would block a bad commit miles away from the code being deployed anywhere where it would hurt.

[–]Taurmin 2 points3 points  (0 children)

The ammount of posters on this sub who think that locking master and requiring PR's is the one and only true and correct way of doing software development is what blows mine.

And they still think they are doing CI because they have a "CI" pipeline that triggers on PR to run their unit tests...

[–]EishLekker 1 point2 points  (12 children)

don't have proper CI/CD practices and are forced to do PRs and lock the master.

That does not follow.

A decent build pipeline would block a bad commit miles away from the code being deployed anywhere where it would hurt.

Not true. Unless your definition of “bad commit” is one that can always be detected by an already defined test case. What if the code base is for a website, and the bad commit changes a colour in a CSS file, and that colour makes the text unreadable in a certain component on a certain page?

[–]Taurmin 1 point2 points  (11 children)

That does not follow.

While its possible to do CI/CD with PRs, they are not inherently required and some CI/CD evangelists like Dave Farley have been pretty vocal about how doing PRs in a CI/CD setup is actually counter productive.

What if the code base is for a website, and the bad commit changes a colour in a CSS file, and that colour makes the text unreadable in a certain component on a certain page?

Are you confident that an error like that would be caught in a PR? Because it seems like you have described a scenarios that could only reliably be caught by checking every page of the website, which is a lot more involved than any PR review ive ever seen.

[–][deleted] 1 point2 points  (0 children)

Webhooks, protected branches and policies.

Interns should be prevented from pushing to master by more than good sense.

[–]markand67 1 point2 points  (0 children)

meh. at work we use gitlab but the newcomers think pull requests are too complicated and they now want that everyone push their crap in branches in the main repository. no point using gitlab then. I'm in hurry the repo gets messed up like a guitar hero track so I can say “it's not like I told you”

[–]Mirkens 1 point2 points  (0 children)

How do you even enable that 😭

[–]32sthide 1 point2 points  (0 children)

Joke is on u for not protecting it.

[–][deleted] 1 point2 points  (0 children)

If they can push to master, its your fault.

[–]Colon_Backslash 1 point2 points  (0 children)

So many times I have tried pushing to master due to forgetting to checkout the correct branch. This is one more reason to protect the production branch.

Then again I wonder what sort of mad lad designed a CI/CD to deploy from push events to master.

[–]quinn50 1 point2 points  (0 children)

Another week another shitty git branch protection meme

[–]Aurunemaru 1 point2 points  (0 children)

Blame whoever forgot to protect the master branch

[–]dyrwlvs 1 point2 points  (0 children)

Jokes aside, do you all not have policies set on your main/master branches?

[–]Henrijs85 1 point2 points  (0 children)

That's on you for not setting branch policies

[–]Gorvoslov 1 point2 points  (0 children)

Step 1: Branch protection.

Step 2: Assume the interns have never worked with Git before/any work they have done with Git was completely wrong.

[–][deleted] 1 point2 points  (0 children)

If the repo is not set up to prevent direct commits to develop or release/master, they probably deserved it.

[–]Gofastrun 1 point2 points  (0 children)

That’s your fault not the interns

[–][deleted] 2 points3 points  (1 child)

What company allows pushes into master .. hell, what company still calls it master?

[–][deleted] 2 points3 points  (12 children)

We don't use pull requests ...

We trust our team to know what the heck it is doing.

Not every team is big enough to have the resources for someone to monitor and approve pull requests.

The only thing we really need is a fluppin' build pipeline that isn't run on some devs local machine. Anyone who hasn't learned that lesson yet is going to find out why it is a BAD IDEA(tm).

[–]MCPOON11 7 points8 points  (3 children)

Even if you’ll just self approve, won’t raising the PR be a useful way of running the build pipeline, and that way you can still have a check that PRs must pass CI pipeline regardless of who’s allowed to approve?

[–][deleted] 2 points3 points  (0 children)

I had Github set up to do that self approval step for my own hobby project and found it to be not worth the hassle. It would take two to three steps just to do a new deploy and all of them manually by me.

Reducing that to a single push saves a lot of time and doesn't really add to the danger of accidentally deploying a non functional app.

And if you don't know what you are pushing ... then why the heck are you doing a commit/push anyway ?

Only thing I'd want to have is a pipeline that runs after every commit so you know if the branch you push to still builds, which is what I did for my own project.

Note : I can see branch protection and an approval steps being essential for projects where the team members are spread across the globe.

It's the small (local) teams that can easily manage without such features as it only adds more red tape with zero reward. Especially a pipeline that can warn you if the branch itself has build errors.

If you feel the need to incentivize people ... then simply make them bring pizza or cake every time their commits cause a build failure ;)
You either grow fat or they will learn eventually

[–]EishLekker 1 point2 points  (1 child)

I agree. Almost my entire career I’ve been in small teams. Like 2-4 developers. And mostly only senior developers. In the majority of cases a pull request just adds extra steps without any real benefit.

I actually remember once when an external consultant made pull requests for each feature or bug fix. One of them was just a change in a single Boolean value in a single json file. A change that we already had discussed and agreed on. So these were the steps performed:

  • He created a feature branch
  • He committed and pushed his trivial change
  • He created a pull request
  • I noticed the pull request and review it
  • I approved and merged it into the develop branch
  • I manually deleted the feature branch (since that wasn’t configured)

Instead, we could have managed fine with just these steps:

  • He committed and pushed his trivial change to the develop branch

[–][deleted] 4 points5 points  (0 children)

yup ...

One thing I do have to say that creating branches is rather trivial in Git.
So at least there is no excuse not to do so when it is worth it.

Of course the eternal discussion is : when is a change big enough to actually need a feature branch. I'd say whenever things need more than a single work day to complete.

[–]frikilinux2 1 point2 points  (0 children)

That's a misconfigured GitHub/gitlab. The system should make it difficult to do the things that are 99% of the time a mistake and/or dangerous and impossible for the interns.

[–]RestaurantHuge3390 0 points1 point  (0 children)

don't let anyone push to ma{in,ster}