**The syntax below does not work

How does it not work? Any messages? Silently fails?

The error message is Impossible to create object (400: allowed_to_merge is invalid)

Probably because of a wrong synxtax, i do not know how to set the --allowed-to-merge parameter.

The upstream docs ( https://docs.gitlab.com/ee/api/protected_branches.html#protect-repository-branches ) say that allowed_to_merge is a list of integers.

So I would think on the command line it would be: --allowed-to-merge=1 your example above says user_id: xxx

Sorry, the upstream docs say:

allowed_to_merge:

Array of access levels allowed to merge, with each described by a hash 

So maybe: --allowed-to-merge=40 would be for maintainer access.

I'm not quite sure what they mean by "described by a hash"

Thank you for your help :D

I tried gitlab project-protected-branch create --project-id yyy --name master --code-owner-approval-required=true --allowed-to-merge=xxx but it failed with the same error

Impossible to create object (400: allowed_to_merge is invalid)

It should be a complex structure as it can be a list of user_id or a list of group_id.

as it can be a list of user_id or a list of group_id.

That doesn't seem to be what the docs say 😟

If you can figure out how to make it work with a curl command then maybe we can then try to figure out how to make it work with the CLI.

as it can be a list of user_id or a list of group_id.

That doesn't seem to be what the docs say 😟

But it seems like it might be what the code says. Confusing 😟

https://gitlab.com/gitlab-org/gitlab/-/blob/1171f6fb3b81c3f7ebaf0a1295eee239e4ea9499/ee/lib/ee/api/helpers/protected_branches_helpers.rb#L21

Looking more closely at the docs I found:

https://docs.gitlab.com/ee/api/protected_branches.html#example-with-user--group-level-access

Which says:

Elements in the allowed_to_push / allowed_to_merge / allowed_to_unprotect array should take the form {user_id: integer}, {group_id: integer}, or {access_level: integer}. Each user must have access to the project and each group must have this project shared. These access levels allow more granular control over protected branch access.

An example curl command:

curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "\
https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&allowed_to_push%5B%5D%5Buser_id%5D=1"

Which putting part of it into Python:

>>> urllib.parse.unquote("allowed_to_push%5B%5D%5Buser_id%5D=1")
'allowed_to_push[][user_id]=1'

So we for sure don't support that data type yet 😟 Right now I have a PR up to better support the array type: #1699

We will need to add support for the hash type in the future and the array of hashes.
https://docs.gitlab.com/ee/api/#hash

OK, thus i have i will have to change my code. Thank you for your investigation.

I see that 1735 got merged, but i'm still getting Impossible to create object (400: allowed_to_push is invalid) error on gitlab --debug --verbose project-protected-branch create --project-id 29 --name main --allowed-to-push '[{"access_level": 0}]'.

I thought the array ALLOWED_TO_MERGE has to follow the API

Am I wrong?

The debug mode of the above cli command shows:

send: b'{"name": "main", "allowed_to_push": "[{\\"access_level\\": 0}]"}'