Not all Pull Requests need to be built. After all, for most projects, anyone can create a fork of the repository and submit a Pull Request. However, if an app on Bitrise is set up with Secrets that are exposed for Pull Request builds, for example, then you probably don’t want just anyone to be able to access those secrets.
That is why you have the option to require approval for a Pull Request build before it can start. This feature works somewhat differently for public and private apps:
- Private apps: By default, Pull Requests submitted from a fork require approval if any Secrets are marked to be exposed for Pull Requests. The setting can be changed. If your secrets are NOT exposed to PRs, the build will run without asking for approval.
- Public apps: Pull Requests submitted from a fork require approval by default and it cannot be changed. Public apps CANNOT opt out of this feature.
Enabling manual approval for private apps ⚓
To enable or disable manual approval, you need to be an admin or an owner on the application’s team. The application MUST be private: public apps cannot opt out of this feature!
- Open the app on Bitrise.
- Go to the
Scroll down to
Enable manual build approval option.
Please note that you can only change this setting for private apps! For public apps, this is ALWAYS enabled.
Toggle the setting to enable or disable it.
By default, it is set to enabled.
Approving the PR build ⚓
If a Pull Request is submitted from a fork, you will be notified that a PR build is waiting for approval:
- A notification email will be sent with the name of the app, as well as links to the repository itself and to the app’s
Buildspage on Bitrise.
- On the git hosting provider, the status of the CI check will show
Pending - Waiting for approval.
- On the
Buildspage of the app, a confirmation box will be displayed.
To approve and run the build, click the
Approve and Run Build button. Clicking
Review opens the Pull Request on the website of your git hosting provider.