Require approval on Security MR's
Currently, no approval is required on security MR's:
We should consider changing this to:
-
Modify the project settings to require at least one approval on the merge request.
-
Modify our the
release-tools
validation, such as it re-assigns the MR back to the author if the MR is not approved. (i.e - https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/58#note_282263804)
Development log
- Different options about how to implement this were analyzed #710 (comment 361609515)
- Given the current approval rules we have on Security and Canonical, it was decided to reflect that logic into our validation tools
- Backend implementation merge request was created gitlab-org/release-tools!1041 (merged)
- First test failed because the wrong method was used https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/1315812
- Bug was fixed on gitlab-org/release-tools!1043 (merged)
- Second test passed https://ops.gitlab.net/gitlab-org/release/tools/-/jobs/1315857
Edited by Mayra Cabrera