Feature Request: Merge request approval - `remove all approvals with commits` setting at project level should reflect security policy at higher level
Release notes
Problem to solve
The behaviour of this functionality is correct, but the UI gives the user the impression that they have the ability to configure Project Settings to keep approvals when they do not.
Further context from @g.hickman
"Expected behavior:
For repository settings, like blocking branch modification, we override the project settings, grey out the option to modify the, and have a hover state explaining the settings are overridden by a policy (example below):
For MR approvals, it's a bit different as we aren't overriding settings in the project for all MRs. The policy only enforced this behavior based on the policy rules, such as only enforcing it on MRs targeting the default branch.
So from my understanding of the issue, if a user applied the setting at the project level, it would take affect for all but the MRs in scope of the policy settings.I agree there could be some way to better surface this in the project settings, but we wouldn't entirely override the project settings since it dynamically varies based on the policies rules which MRs are affected.A feature request may be the best path forward here. Maybe we can identify a better generic way to surface these types enforcements that change behaviors in projects that are not 1:1 with project settings."
Proposal
Suggested by @phikai : "Interim step, could just be to add a note in the project settings that's something like "these settings may be overriden by a policy configured for this project" with a link to the policy"
