Code Owners no longer able to override "disable committer approval" for merge requests
Previously (before 13.11), if a merge request disallowed approvals from committers, code owners were still able to self-approve changes for files they owned. This is noted in the approval settings documentation. With GitLab 13.11, it is no longer possible to approve a merge request you contributed to, even if you were the code owner for the change.
Steps to reproduce
- Create or find a project with code owner approvals enabled. I used a new project with just a readme, protected the
mainbranch, then added two codeowners for the readme.
- Make sure the
Prevent MR approvals from users who make commits to the MRsetting is turned on.
- As one of the code owners, make a change and create a merge request for a file protected by the code owner.
- Notice you are unable to approve the merge request as a code owner who contributed to it, even though this was previously possible.
What is the current bug behavior?
Code owners cannot approve merge requests they made commits to if the corresponding setting is enabled, despite documentation and previous behavior suggesting this should be possible.
What is the expected correct behavior?
Code owners should override the
Prevent MR approvals from users who make commits to the MR setting for files they own as stated in documentation.
Relevant logs and/or screenshots
Big screenshots inside
Here is my test code owner file:
One of the code owners makes a commit and an MR to change the readme:
With the "Prevent MR approvals from users who make commits to the MR" setting enabled, the code owner cannot approve their merge request and only the second code owner is shown as an approver:
After unchecking the box for preventing self approval, both code owners, including the one that made the commit, can approve:
Output of checks
Results of GitLab environment info
This is my support team test instance, the report came from a customer who recently moved from 13.9.4 to 13.11.2 and noticed this after the upgrade when it worked before, so the change happened between those versions we think!
Expand for output related to GitLab environment info
System information System: Ubuntu 18.04 Proxy: no Current User: git Using RVM: no Ruby Version: 2.7.2p137 Gem Version: 3.1.4 Bundler Version:2.1.4 Rake Version: 13.0.3 Redis Version: 6.0.12 Git Version: 2.31.1 Sidekiq Version:5.2.9 Go Version: unknown GitLab information Version: 13.11.4-ee Revision: d1a2e182d3b Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 12.6 URL: https://gitlarb.party HTTP Clone URL: https://gitlarb.party/some-group/some-project.git SSH Clone URL: email@example.com:some-group/some-project.git Elasticsearch: no Geo: no Using LDAP: no Using Omniauth: yes Omniauth Providers: GitLab Shell Version: 13.17.0 Repository storage paths: - default: /var/opt/gitlab/git-data/repositories GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell Git: /opt/gitlab/embedded/bin/git
Results of GitLab application Check
Expand for output related to the GitLab application check
Checking GitLab subtasks ...
Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 13.17.0 ? ... OK (13.17.0) Running /opt/gitlab/embedded/service/gitlab-shell/bin/check Internal API available: OK Redis available via internal API: OK gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes Number of Sidekiq processes (cluster/worker) ... 1/1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Reply by email is disabled in config/gitlab.yml
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab App ...
Git configured correctly? ... yes Database config exists? ... yes All migrations up? ... yes Database contains orphaned GroupMembers? ... no GitLab config exists? ... yes GitLab config up to date? ... yes Log directory writable? ... yes Tmp directory writable? ... yes Uploads directory exists? ... yes Uploads directory has correct permissions? ... yes Uploads directory tmp has correct permissions? ... yes Init script exists? ... skipped (omnibus-gitlab has no init script) Init script up-to-date? ... skipped (omnibus-gitlab has no init script) Projects have namespace: ... 2/1 ... yes 3/2 ... yes 11/4 ... yes 12/5 ... yes 1/6 ... yes 1/7 ... yes 1/8 ... yes 12/9 ... yes 1/10 ... yes 74/12 ... yes 1/13 ... yes 76/14 ... yes 1/20 ... yes 1/21 ... yes 1/22 ... yes 1/24 ... yes 11/25 ... yes 10/26 ... yes 11/27 ... yes 11/28 ... yes 11/29 ... yes 1/30 ... yes 95/31 ... yes 96/32 ... yes 1/34 ... yes 3/35 ... yes Redis version >= 5.0.0? ... yes Ruby version >= 2.7.2 ? ... yes (2.7.2) Git version >= 2.31.0 ? ... yes (2.31.1) Git user has default SSH configuration? ... yes Active users: ... 8 Is authorized keys file accessible? ... yes GitLab configured to store new projects in hashed storage? ... yes All projects are in hashed storage? ... no Try fixing it: Please migrate all projects to hashed storage as legacy storage is deprecated in 13.0 and support will be removed in 14.0. For more information see: doc/administration/repository_storage_types.md Elasticsearch version 7.x (6.4 - 6.x deprecated to be removed in 13.8)? ... skipped (elasticsearch is disabled)
Checking GitLab App ... Finished
Checking GitLab subtasks ... Finished