Not able to Add Deploy Keys to Allowed to Push and Merge on Protected Branch

I hope this message finds you well. We are currently facing an issue while trying to protect a branch for all the projects within our group in GitLab. Specifically, we are encountering an error when attempting to add deploy keys to the “Allowed to push and merge” list for the protected branch.

To provide some context and follow the recommended steps from GitLab documentation:

  1. We have navigated to our group using the left sidebar search or direct link.
  2. In the group, we have gone to “Settings” > “Repository.”
  3. We have expanded the “Protected branches” section.
  4. From there, we selected “Add protected branch.”
  5. In the “Branch” text box, we have entered the branch name or a wildcard.
  6. In the “Allowed to merge” list, we have successfully selected a role that can merge into this branch.
  7. However, when attempting to add the deploy keys to the “Allowed to push and merge” list, we are encountering the following error message: “Failed to update branch!”

We would like to reiterate that we are only trying to add the deploy keys to the “Allowed to push and merge” list and not any other role.

Could you please assist us in resolving this issue and guide us on how to successfully add deploy keys to the “Allowed to push and merge” list for the protected branch within our group?

Hi @harsha.kalyan

As far as I know, you cannot add a Deploy Key into "Allowed to merge” or “Allowed to push and merge”. Deploy keys are not even listed in the fields and cannot be picked. Deploy key inherits the permissions of the user that created that key. So if the key was created by someone who has permission to merge and push the deploy key should be able to as well.

If you are on self-hosted instance or on with paid subscription you can create a Access Token instead and use that in the fields.

Hi @balonik ,
Thank you for your reply, the user has owner permissions on that project. I have attached a screenshot where we pick just deploy key and got a message banner. Also we are not self hosting gitlab and are not on a paid version. Since the error message is not clear we could not debug this issue and we just want the deploy keys to have the merge permissions as we do not want any of our maintainers or owners to accidentally push.

Hi @harsha.kalyan

I’ve just tried it myself on Owner permission on a repository, created new Deploy Key with write permissions, created new branch, add the branch to protected and selecting just the Deploy Key in “Allowed to push and merge”. It worked just fine. No issues. Try to unprotect the branch and protect it again with the new settings.

No I tried creating my own key and I have owner permissions. Tried but no luck. We are on gitlab SaaS version 16 but we are free customers does that have anything to do with this issue?

1 Like

I have the exact same issue. Updated to 16.6 and it’s the same. I can confirm it worked before!

We have the same behavior on 16.9. On 15.11 no problems

Perhaps there was a bug raised for this?

same here on later 16.x, worked nicely before. Did anyone raise a bug or/and found a workaround? We will try just re-adding a public deploy key and see if it works fine after that.

Added an issue here - Public Deploy Keys stopped working in 16.x /GitLab Self hosted CE/ (#452117) · Issues · / GitLab · GitLab please add information if you still are having this error, I could reproduce this in CE 16.8, latest 16.11 CE, and both had the same “failed to update branch” warnings…