Require merge request approval by code owners
Large organizations with many projects and large projects need to enforce review policies so that they can ensure the correct teams and individuals review changes that impact them. Code owners will be automatically added to related Merge Requests (separate feature), but it is also necessary to add controls to prevent changes directly to important branches without approval.
We should add the ability to enforce code ownership requirements on branches
CODEOWNERS file to determine code owner of the branch and add a merge request option to require approval by code owners.
Require approval by code owners Only allow code owners change files that match CODEOWNER rules. Commits that change files owned by other users of groups will be rejected. Masters may change any file.
Master permissions may change any file. Perhaps a warning should be shown for each file that they do not have permissions to change?
If a user that is not an owner of a file tries to push a commit that changes the file to a protected branch, they should receive feedback that they are not permitted with details of which changed files violate the rules.
remote: remote: Permission denied: Code Owners are enforced on this branch remote: remote: Changed files protect by .gitlab/CODEOWNERS remote: models/foo/bar.js (@jramsay, @gl-platform) remote: