Skip to content

GitLab Next

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
GitLab
GitLab
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 34,941
    • Issues 34,941
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
    • Iterations
  • Merge Requests 1,269
    • Merge Requests 1,269
  • Requirements
    • Requirements
    • List
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Security & Compliance
    • Security & Compliance
    • Dependency List
    • License Compliance
  • Operations
    • Operations
    • Metrics
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Code Review
    • Insights
    • Issue
    • Repository
    • Value Stream
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • GitLab.org
  • GitLabGitLab
  • Issues
  • #4418

Closed
Open
Opened Dec 21, 2017 by James Ramsay@jramsay-gitlab⚡Maintainer

Require merge request approval by code owners

Problem to solve

Large organizations with many projects and large projects need to enforce review policies so that they can ensure the correct teams and individuals review changes that impact them. GitLab should allow approvals from Code Owners to be required before a merge request can be merged.

Target audience

Further details

Building on the integration of Code Owners into the merge request approval process, we should make it possible to require Code Owner approval through the merge request workflow. To fully enforce code owners on a specific branch the Protected Branch rule to prohibit anyone from pushing directly to the branch to avoid a manual merge bypassing approval requirements.

Proposal

Add a merge request option to project settings to require approval by code owners in merge requests:

Require approval by code owners Only allow code owners to change files that match CODEOWNER rules. Commits that change files owned by other users or groups will require approval before the merge request may be merged. Owners may change any file.

Until all matching code owners rules are satisfied by one approval (or more), the merge request cannot be merged.

Add a new ~"usage ping" field for the count of projects where code owner approval is required.

Designs

Project settings MR create/edit form MR Widget
image image image
  • The project settings for MR approvals has a checkbox to enforce codeowner approval.
  • The MR create/edit form shows a message that codeowner approval is required and displays the codeowner rules that match for the given MR.
  • The MR widget shows the current status for each of the matching codeowner rules
  • The default number of approvals required per codeowner rule will be 1. We will offer customizability in a follow-up issue.

What does success look like, and how can we measure that?

We will monitor adoption of required code owner approvals with a new usage ping field

Links / references

https://gitlab.com/gitlab-org/gitlab-ee/issues/4413 https://help.github.com/articles/about-codeowners/

Edited Jan 24, 2019 by Jeethu Karthik
Assignee
Assign to
11.9
Milestone
11.9 (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: gitlab-org/gitlab#4418