Validate CODEOWNERS to detect regressions and stale configurations
Problem 1
The CODEOWNERS file in gitlab-org/gitlab has a lot of hard-coded file paths.
Hard-coded file paths can lose ownership (and not require approval) if they are renamed or moved to a different folder. Also, hard-coded paths may remain as obsolete entries if files are removed.
Proposal
Have a test that runs in CI and ensures that:
- when a file is removed, its full path is not present in CODEOWNERS.
- when a file that matched a full path is moved, the new full path is present in CODEOWNERS.
- when a file that matched any CODEOWNERS sections is moved, the new path matches the same sections.
Failure should block the pipeline that is introducing the changes.
Problem 2
The CODEOWNERS file in gitlab-org/gitlab uses a lot of references to direct users.
Proposal
Have a test that runs in CI and ensures either that:
- the handle represents a user that still has developer (or maintainer?) access to the project. Prevents obsolete owners from remaining.
- the handle represents a group that has at least 1 member with developer (or maintainer?) access to the project. Prevents obsolete groups from being used.
The test could run in a scheduled pipeline since it's not critical and it's not tied to any specific changes. It could additionally run any time the CODEOWNERS file is changed.
Further considerations
These kinds of CODEOWNERS sanity checks could be part of the product since they can be generically applied to any project. For example, they could run automatically like Dependabot checks for dependency updates.
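The three Problem 1 checks, sketched as an added example (not code from the GitLab project). The function names, the `(default)` section label and the sample CODEOWNERS content are assumptions, and pattern matching is a simplified `File.fnmatch?` approximation that ignores escaped spaces in paths.

```ruby
# Added example with constructed input. In CI the deleted and renamed lists could
# be taken from `git diff --name-status -M` between the base and head commits.
FLAGS = File::FNM_PATHNAME | File::FNM_DOTMATCH
SAMPLE = <<~OWNERS # constructed CODEOWNERS content
  [Docs]
  /doc/ @docs-team
  [Security]
  /lib/auth/token.rb @alice
  /config/secrets.yml @alice
  *.gemspec @bob
OWNERS

# Parse CODEOWNERS text into [section, pattern] pairs, skipping comments and blanks.
def parse_codeowners(text)
  section = '(default)' # assumed label for entries above the first section header
  text.each_line.map(&:strip).reject { |l| l.empty? || l.start_with?('#') }.filter_map do |line|
    header = line[/\A\^?\[([^\]]+)\]/, 1]
    section = header if header
    [section, line.split.first] unless header
  end
end

# Full-path entries: anchored at the repo root, no glob characters, not a directory.
def full_paths(entries)
  entries.map(&:last).select { |p| p.start_with?('/') && p !~ %r{[*?\[]|/\z} }
         .map { |p| p.delete_prefix('/') }
end

# Sorted names of the sections that have a pattern matching the repo-relative path.
def sections_for(entries, path)
  entries.select do |_, pat|
    glob = pat.start_with?('/') ? pat[1..] : "**/#{pat}"
    glob += '**/*' if glob.end_with?('/')
    File.fnmatch?(glob, path, FLAGS)
  end.map(&:first).uniq.sort
end

# base/head: CODEOWNERS text before/after the change; renamed: { old_path => new_path }.
def codeowners_violations(base, head, deleted: [], renamed: {})
  old_e, new_e = parse_codeowners(base), parse_codeowners(head)
  errors = (deleted + renamed.keys).select { |p| full_paths(new_e).include?(p) }
                                   .map { |p| "stale entry for removed path: /#{p}" }
  renamed.each do |old, new|
    lost = full_paths(old_e).include?(old) && !full_paths(new_e).include?(new)
    errors << "moved file lost its full-path entry: /#{new}" if lost
    before, after = sections_for(old_e, old), sections_for(new_e, new)
    errors << "#{old} -> #{new}: sections changed #{before} -> #{after}" if before != after
  end
  errors
end
```

A CI job would exit non-zero when the returned list is non-empty, which blocks the pipeline that introduces the change.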