Merge Queue Concept: A Complementary Solution To Secure And Automate Your Code on GitHub
In today’s world, automation has become increasingly important in software development for several reasons:
- Quality assurance
- Cost savings
Indeed, automating code increases efficiency by reducing manual and repetitive tasks, freeing up time for more complex ones. It also ensures code consistency and quality by setting up automated tests to catch errors early on, improving the overall quality of the code.
Automation makes it easier to scale development projects and can lead to cost savings by streamlining the development process and reducing errors.
Concepts and solutions are existing on GitHub and they can be life changers.
GitHub is full of interesting concepts allowing you to scale your development process like automating your GitHub backup, but there are a lot of complementary solutions that you can use at the same time together to upgrade your code.
One of the most interesting is the merge queue concept that can help secure and automate your code on GitHub, making the development process smoother and more efficient, and that’s what we will talk about with Mergify in this article.
Understanding the problem it solves
The common issue: merging outdated pull requests
To better understand the issue, imagine the following situation:
The main branch has passed its continuous integration testing, and a pull request (PR1) has been created, which has also passed the CI.
At this point, the repository is in a state of perfect harmony. However, it is temporary state.
While PR1 is still open, a new commit is pushed to the main branch, either directly or through another pull request. As a result, the main branch is modified, and the CI runs tests against it, which passes again.
Although PR1 is still valid according to the CI, a new merge commit is created when the merge button is pressed, and the CI tests fail. BOOM.
The reason for the failure is that PR1 does not have the latest version of the code, which includes new tests introduced in the main branch. When PR1 was marked as valid, the CI did not test it with the new commit added to the main branch. Therefore, it lacks the necessary code to pass the new test.
How to deal with this situation?
Basically, the problem is all about rebasing and the necessity for each pull request to be up-to-date. So you are facing 2 solutions:
- Only run your CI on the head of your feature branch – and do not require your feature branch to be up-to-date with the main branch.
→ The main drawback here is that your feature branch might be compatible with the main branch, or not.
- Require all feature branches to be up-to-date with the target.
→ The main drawback is that you waste a lot of time and money.
These solutions are hardly adapted
Let’s be clear, that’s a quite common situation for organizations and teams working with CI/CD processes, making you create merge conflicts, unsecured code, and wasting a lot of time doing things manually, decreasing security and Developer experience.
A better solution: the merge queue
What is a Merge Queue?
The merge queue concept is a way of managing your PRs in a centralized location, where PRs can be integrated, tested, and merged automatically and sequentially. The idea is to have a dedicated queue where PRs can be tracked and managed, prioritized, with each PR going through a series of automated tests before being merged into the main branch.
How does a merge queue work?
1. Queue valid PRs
Run the engine on your pull requests. All valid pull requests – the ones which validated all the conditions can be added to the queue.
2. Update and CI
The merge queue will make sure that each PR in the queue is up-to-date by merging the main branch into the feature branch.
Then the CI reruns to make sure the PR is mergeable.
3. To merge or not to merge, that’s the question
Two quite distinct cases:
- All checks passed → merge the PR.
- Failing test → remove the PR from the queue.
A GitHub Backup complementary solution
A merge queue provides an additional layer of protection against any possible failure or disruption of the standard GitHub merge process. This solution ensures that all pull requests are properly reviewed and merged in a controlled and efficient manner.
Remember that having your workflow trusted and conflict-free has an impact on your data. That is why you should always remember to perform automated GitHub backups as another layer of security. This way you restore copies from any point in time and roll data back to the previous states. Want to find out more about the most reliable features and practical tips? Read GitHub Backup Best Practices article.
At GitProtect we recommend you try Mergify’s Merge Queue.
Mergify is a CI/CD pipeline optimizer trusted by Airtable, Mozilla, and AWS to automate their pull requests and secure the code merge using a merge queue.