How to protect branches?

We would like to enforce that our development team follow a branching workflow:

  1. Create a feature branch in Git
  2. Push changes to sources to a new branch in Crowdin (conventionally, named the same as the Git branch)
  3. Pull translations from that branch back into the feature branch and commit changes
  4. Open a pull request, merge changes to main
  5. In CI, synchronize the new data in main to the Master branch in Crowdin, and delete the feature branch

To support this workflow, we would like to be able to protect the Crowdin Master branch so that push/pull is only allowed in CI (using a dedicated CI user). Is this possible? Is there an alternative workflow that is recommended?


Very interesting question.

Probably all of this can be done natively by the default integration, with “branches to synch automatically” and sometimes pause/resume button usage, but can’t say for sure, would be better to read a guide from the knowledge base.

What else comes to mind is playing with PC as a buffer zone to use API (Crowdin → PC → GitHub) and vice versa, or GitHub actions, or both actions + API for different branches, here’s some info, API reference should also be somewhere within that portal

Still, as for me it’s better to have 2 standalone users and 2 standalone projects, where 1 would be “working” and another would be private with only master/main inside and only an owner who would also be holding the integration or CI.

I have the same workflow and the same question.

We want to prohibit developers (Users with role Developer) from accidentally overriding master sources.
We have a git branch we use for demos, which has lots of WIP features merged at once.
Some of our developers will use Crowdin CLI to manually push sources and pull translations to automatically fix conflicts in translation files when merging with that demo branch. So each developer will have a personal token for this purpose.

But it is so easy to accidentally omit the `--branch` parameter and overwrite master branch sources on the Crowdin side. Can we restrict pushes to the master branch only to tokens with the Manager role?

Hi @nogaman

Our product team does not consider such edits to the branch restriction. This greatly complicates the logic of the system and will lead to bugs and ambiguities in behavior, which will definitely create a lot of problems.

You just need to not sync those branches that you no longer need. Anyway, even if there are changes in our branch, they will still not get into your repo without a review.

I am sorry, could you please help me understand your answer?

> Our product team does not consider such edits to the branch restriction

Which edits?

> You just need to not sync those branches that you no longer need

How is this connected to my question?

I am talking about pushing to master branch: `crowdin push sources` without specifying the branch parameter (pushing to master branch). How to restrict pushing to the master branch so that only our CI can push there and not a developer manually from CLI?

Hi @nogaman

I’m sorry that my answer was a little bit generic. I’ll try to be more specific.

I was referring to the idea that we do not plan to add any branch protections or branch restrictions from our side.

That means that any manager or developer can push to any branch that is connected to Crowdin. It’s expected that if you work with branches, you know how to work with branches, and push everything to the place where it should be pushed.

You can either not connect the master and work with only development branches, or simply notify your developers about the logic of the Crowdin workflow, so they don’t push anything to master.

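The thread describes developers accidentally running `crowdin push sources` without `--branch`, and the last reply confirms there is no server-side branch protection. As an added example (not from any poster and not part of Crowdin), a shell wrapper that refuses such pushes outside CI; the function names, the `PROTECTED_BRANCH` variable and the `CI=true` convention are assumptions.

```shell
# Added example: client-side guard around the Crowdin CLI.
# Assumptions: the CI system exports CI=true; the protected branch is "master".
PROTECTED_BRANCH="${PROTECTED_BRANCH:-master}"

# Exit status 0 if the invocation may proceed, 1 if it would push to the
# protected branch (or to no branch at all) from outside CI.
# The body runs in a subshell, so its variables stay local.
crowdin_guard_check() (
    cmd="" branch="" expect_branch=0
    for arg in "$@"; do
        if [ "$expect_branch" -eq 1 ]; then
            branch="$arg"; expect_branch=0; continue
        fi
        case "$arg" in
            --branch=*)  branch="${arg#--branch=}" ;;
            --branch|-b) expect_branch=1 ;;
            -*)          ;;                      # other options are ignored
            *)           if [ -z "$cmd" ]; then cmd="$arg"; fi ;;
        esac
    done

    # Only uploads are restricted; "upload" is treated the same as "push".
    case "$cmd" in
        push|upload) ;;
        *) exit 0 ;;
    esac

    # The dedicated CI user is allowed to push anywhere.
    if [ "${CI:-}" = "true" ]; then exit 0; fi

    if [ -z "$branch" ] || [ "$branch" = "$PROTECTED_BRANCH" ]; then
        echo "crowdin guard: refusing push to '$PROTECTED_BRANCH' outside CI;" \
             "pass --branch <feature-branch>" >&2
        exit 1
    fi
    exit 0
)

# Shadow the real binary so the check runs before every invocation.
crowdin() {
    crowdin_guard_check "$@" || return 1
    command crowdin "$@"
}
```

Sourced from a shared shell profile, this stops the accidental case only: the check runs on the developer's machine, so a personal token can still push to any branch if the wrapper is bypassed.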