Ensure GitLab branch protection rules do not allow force pushes
Error: Gitlab branch protection rules allows force pushes
Bridgecrew Policy ID: BC_REPO_GITLAB_1
Checkov Check ID: CKV_GITLAB_2
Severity: MEDIUM
Description
In GitLab, permissions are fundamentally defined around the idea of having read or write permission to the repository and branches. To impose further restrictions on certain branches, they can be protected.
When you perform more complex operations, for example, squash commits, reset or rebase your branch, you must force an update to the remote branch. These operations imply rewriting the commit history of the branch. Forcing an update is not recommended when you’re working on shared branches.
You can enable force push on a protected branch, but this is ill-advised.
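To check this setting across a project's rules, the sketch below audits the JSON returned by GitLab's protected branches API (`GET /projects/:id/protected_branches`), which reports an `allow_force_push` flag per rule. It is an added example, not Bridgecrew's or Checkov's own code; the sample response, function names and branch names are constructed for illustration.

```python
import json
import re

# Constructed sample of a GET /projects/:id/protected_branches response body.
SAMPLE_RESPONSE = """
[
  {"id": 1, "name": "main", "allow_force_push": false},
  {"id": 2, "name": "release/*", "allow_force_push": true},
  {"id": 3, "name": "legacy"}
]
"""

def rule_matches(pattern, branch):
    # Protected-branch names may contain '*' wildcards; everything else is literal.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, branch) is not None

def audit_force_push(response_body, branches_to_check=()):
    """Classify protection rules, and named branches, by force-push exposure."""
    rules = json.loads(response_body)
    report = {"fail": [], "pass": [], "unknown": [], "unprotected": []}
    for rule in rules:
        flag = rule.get("allow_force_push")
        if flag is True:
            report["fail"].append(rule["name"])
        elif flag is False:
            report["pass"].append(rule["name"])
        else:
            # Field absent: the setting was not reported, so do not assume it is safe.
            report["unknown"].append(rule["name"])
    for branch in branches_to_check:
        # A branch that no rule covers has no force-push restriction at all.
        if not any(rule_matches(r["name"], branch) for r in rules):
            report["unprotected"].append(branch)
    return report

if __name__ == "__main__":
    result = audit_force_push(SAMPLE_RESPONSE, ["main", "release/1.2", "develop"])
    for status, names in result.items():
        print(f"{status}: {', '.join(names) or '-'}")
```

Rules listed under `fail` are the ones this policy flags; `unknown` and `unprotected` entries need a manual look because the response gives no evidence that force pushes are blocked.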