Group-level merge request approval rules
Problem to solve
Compliance-minded organizations manage their GitLab namespaces against company policy to ensure the use of GitLab does not create gaps in their audit posture. One of the most common requirements for these organizations is separation of duties; one of the primary controls that exists within GitLab to support this requirement are merge request approvals.
Currently, merge request approvals must be configured at the project-level with limited support at the instance-level. There is no way for an organization to manage these rules at the group-level to apply a standard set of approval rules to multiple projects.
Intended users
Proposal
Bring the merge request approvals settings to the group-level.
When adding these rules at the group level:
Existing projects should not inherit these rules.
New projects should inherit these rules.
The rules should not be modifiable at the project-level, but additional rules can be defined at the project level.
JTBD
- When there are new sub groups/projects that will be created, I want to be able to standardize the default configuration, so that I don't have to manually configure each one.
Further details
ZD: https://gitlab.zendesk.com/agent/tickets/42760
It would be nice to be able to set this defaults at the group level so that all new projects get created with these settings by default.
Requests: