Multiple approver actions does not work with any_merge_request approval policy rules

Summary

When an MR approval rule is created with multiple approver actions and with any_merge_request rule type, the multiple approvers are not applied to the MRs in project.

Steps to reproduce

Create a project or group and create an approval policy to require approval on any MR with 3 different approval actions

approval_policy:
  - name: Any MR Rule
    description: ''
    enabled: true
    policy_scope:
      projects:
        excluding: []
    rules:
      - type: any_merge_request
        branch_type: protected
        commits: any
    actions:
      - type: require_approval
        approvals_required: 1
        role_approvers:
          - maintainer
      - type: require_approval
        approvals_required: 1
        user_approvers_ids:
          - 4093067
      - type: require_approval
        approvals_required: 1
        group_approvers_ids:
          - 14485130
      - type: send_bot_message
        enabled: true
    approval_settings:
      block_branch_modification: true
      block_group_branch_modification: true
      prevent_pushing_and_force_pushing: true
      prevent_approval_by_author: true
      prevent_approval_by_commit_author: true
      remove_approvals_with_new_commit: true
      require_password_to_approve: false
    fallback_behavior:
      fail: closed

Create an MR in the project (within the group if the policy is created at group) and observe that there are only 1 approval enforced and not 3

Example Project

https://gitlab.com/gitlab-org/security-risk-management/security-policies/team-member-environment/sashis-test-group/test-any-mr-rules/project-a/-/merge_requests/1

What is the current bug behavior?

Only one approval action is enforced

What is the expected correct behavior?

All the approval actions should be enforced

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info


(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)
(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)
(we will only investigate if the tests are passing)

Possible fixes

Edited Mar 26, 2025 by Sashi Kumar Kumaresan