Move Merge Checks, and Merge request approvals settings into protected branch rules
Problem to solve
The requirements for features such as "Pipelines must succeed," and the number of approvers (almost everything under settings -> general -> Merge requests" and "Merge request approvals") can vary depending upon the nature of the merge.
Intended users
Really any.
Primarily developer types. Sahsa, Devon, Sidney, Release managers.
But other types could be dealing with merge requests for documentation and more.
Further details
Users following a feature branch or similar workflow might want to allow more flexible merging into feature branches but more restrictive into master, release, etc. type branches.
Changes to documentation are unlikely to require a pipeline.
Users issuing merge requests from forks may be unable to run the pipeline due to permissions. More flexible merge rules would allow for the merging of forks into specific branch patterns (feature/, bug/, etc) but prevent those branches from being merged into more protected branches (master, releases, etc) without a successful pipeline.
Proposal
Move functions such as "pipelines must succeed" under the branch protection.
Create a default rule for * with the same default values currently used for those settings to prevent any change in behavior.
Permissions and Security
Existing per-branch security uses a model which does not involve inheritance. Only allow maintainers or only allow maintainers and developers. Some discussion should take place about implementing the role portion as a select list or inheritance model.
Testing
All of the protections enforced by this already exist in Gitlab. Therefore any existing testing would provide good coverage. Existing tests would need to be expanded to cover multiple branches. I.E. the tests would need to be merged into the tests for the branch protection feature as well.
What does success look like, and how can we measure that?
The settings under "settings -> general -> Merge requests -> Merge checks" and ""settings -> general -> Merge request approvals" can be configured per branch.