Skip to content

Auto-merge not appearing for Developer role during policy evaluation

Summary

We've identified a scenario where for Owner roles auto-merge appears while security policy evaluation is not completed. However, for a Developer role, this option does not appear.

The ‘auto-merge’ function is disabled until either an approval is given (while the pipeline is running), or after the pipelines have run and an approval is marked as optional. This has been an issue for a lot of developers that use this feature often.

Other issues in a MR are also causing the approvals to sit in a ‘required’ state, such as when an MR branch is behind the target branch, throwing a merge error.

Steps to reproduce

  • Create a MRAP(merge request approval policy) that requires one or more approvers before a MR can be approved. Make sure to apply that policy to the relevant branches you want to protect. We have it set to 'protected branches'.
  • Apply that MRAP to a new or existing repository
  • Apply a job to that repos pipeline that gives the pipeline a minute or two to run, so the security approval requirement can be viewed on the MR. If the repository has no findings, the approvals will change to a state of ‘optional’. 
  • Create a branch/MR from that repository, with a minor change.

Example Project

What is the current bug behavior?

What is the expected correct behavior?

  1. Auto-merge should be visible for all users with merge rights in the project, even if approvals are required by a security policy
  2. If policy is targeting "any merge request", this behavior should be the same as well. Developers (or any role with merge rights) should have an option to auto-merge.

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info 

(For installations with omnibus-gitlab package run and paste the output of: \\\\\\\`sudo gitlab-rake gitlab:env:info\\\\\\\`) (For installations from source run and paste the output of: \\\\\\\`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production\\\\\\\`)

Results of GitLab application Check

Expand for output related to the GitLab application check 

(For installations with omnibus-gitlab package run and paste the output of: \\\`sudo gitlab-rake gitlab:check SANITIZE=true\\\`) (For installations from source run and paste the output of: \\\`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true\\\`) (we will only investigate if the tests are passing)

Possible fixes

Related issues

  1. #466578 (closed)
Edited by Grant Hickman