Spike: Investigate and prepare PoC for Approval Notification MVC
Time-box: 3 days
Why are we doing this work
In the scope of this Spike, we would like to know what we need to do to move forward with Bot comment nudge when merge requests require a... (&10617).
- When Scan Result Policies are enforced for a given project, we would like to be able to automatically create a new comment after they are evaluated (after
Security::ScanResultPolicies::UpdateApprovalsService
) when approvals are needed with instructions for the author of the change. - When policies are evaluated multiple times (i.e. new commits are added), and approval is still needed, we should not create a new comment,
- When policies are evaluated multiple times (i.e. new commits are added), and approval is no longer needed, we should not create a new comment, and we should update or remove the current comment as it is no longer valid (similar to what Danger Bot is doing when you fix identified problems),
As an expected result of this Spike, we would like to get the following:
- Draft MR with Proof of Concept of how this change could be implemented behind the feature flag,
- New implementation issues created with Implementation Plan,
Relevant links
Edited by Alan (Maciej) Paruszewski