Add option to allow CODEOWNERS to merge to protected branches
Problem
All code is not created equal. Some areas of a codebase may have higher or lower risk than others. Some areas of a codebase may benefit from a high level of scrutiny, but some areas may be OK to move more quickly on.
However, GitLab's role system doesn't allow for much selectivity. If you're using a protected master, you've got to be a Maintainer to be able to merge something; even if an MR is a very low-risk change (a typo fix in documentation), it still requires the same level of scrutiny and approval if you're a Developer.
Proposal
Introduce a configurable setting to enable merging (regardless of role) if all codeowners of the affected files in the merge request have approved.
This would enable the following scenarios:
- A large monorepo would be able to offer codeowners of specific areas of the codebase Developer permissions to constrain what they can do in other areas of the repo, but allow them to own their relevant areas of the codebase and still move quickly.
- GitLab could offer a department (say, Product) ownership over specific handbook pages, giving them merge rights to relevant areas while maintaining a review process over others (for instance, a PM should be able to singlehandedly merge changes to their direction pages, but probably not the finance page).
Edited by James Ramsay (ex-GitLab)