Scrap "accept when pipeline succeeds" for MRs coming from forks
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Description
The project option "Only allow merge requests to be merged if the pipeline succeeds" and the MR option "Merge when pipeline succeeds" are very nice, but at their current status they may be next to useless for MRs originating from external projects (forks).
Since the pipeline linked to the MR is in the fork, not in the parent project, there's no way the parent project can control it, other that the .gitlab-ci.yml file. In particular, specific runners, secret variables, job timeouts... are different from the parent project, and this makes it very likely that a pipeline will fail in a fork while it would succeed in the parent project.
More serious, I suspect a malicious user could tweak a specific runner in their fork to report success when it should fail.
Proposal
Until proper MR pipelines are implemented, which run on the parent project with the merged code, at least the "merge when pipeline succeeds" button should be disabled for fork MRs (successful pipelines cannot be trusted), and it should be possible to bypass the "only merge if succeeds" option for fork MRs (failed pipelines cannot be trusted).
A better option would be to allow linking another pipeline (which would be run semi-manually on the parent project) to the MR, and apply the pipeline checks to this pipeline, not to whatever is run on the fork.