Require AppSec approval for Omnibus, Gitaly, and Pages security merge requests
After #839 (closed), an approval from AppSec is required for GitLab security merge requests.
Since Omnibus GitLab, Gitaly, GitLab Pages security release process differs from the GitLab process, AppSec approval has not been enforced there.
Proposal
Require AppSec approval for these projects too.
- Allow
package-and-qa
to be executed in these repositories - Add AppSec approval rule on "Merge Requests Approvals"
- Implement validation on our tooling.
- We already did this one https://gitlab.com/gitlab-org/release-tools/-/issues/457
- Test the validation has taken place
Edited by Mayra Cabrera