Support for custom bots to participate in review process
Problem to solve
Gitlab doesn't have any extensibility in terms of customizing the review process (adding review bots etc)
Further details
Github has lots of features that can be used to enrich the PR review process and add custom "gates" to ensure that all checks are ok before the code is ok to merge. For an example, see https://github.com/jaegertracing/jaeger-client-python/pull/208
Gitlab doesn't have any features here at all. It's super easy to add webhook functionality using the (excellent by the way) api, but for PRs that's mostly limited to posting comments and discussions - its hard to inject logic to drive the review process.
Proposal
Add an integration framework for pluggeable integrations that would gate a PR in the same way as a failed CI pipeline or pr approval does. This should work so that each integration was either soft or hard, and for "hard" gates, all enabled integrations would simply result in a "ok/not ok" flag. Integrations would live completely isolated from each other.
I think this would open up a whole world of new and interesting integrations, and make Gitlab an even more compelling platform for dev teams and "code-first" infrastructure teams.
What does success look like, and how can we measure that?
- Add the ability to plug in custom integrations that would have the same "native feel" as gitlab's existing SAST and "Container Scanning" features using well-defined apis and not requiring changes to Gitlabs code base
- Integrations are independent to each other, and each adds a gate that controls whether the PR is merge-ready or not
- Well-defined api for displaying various results in the pr "header" (that is the same area as approval status, build status, SAST status etc).