Track changes in merge request approval settings in the audit log
"Rules" aspect moved to #209222 (closed)
Problem to solve
Tracking changes in merge request approval settings and rules in the audit log
Further details
Client proposed change in Zendesk ticket: https://gitlab.zendesk.com/agent/tickets/103355 (Internal use only)
They asked if the audit logs could address changes to required approvers (how many, enabled/disabled).
Important Note
As of %12.7 Administrators
will be able to set instance-wide rules for MR approvals that will restrict these settings at the project level for any non-admins.
Currently scheduled for %12.8 is an iteration to bring this functionality to the group level for .com
customers and will follow similar logic: only Group Owners
can modify the settings at the project level.
This activity - the modification of MR approval settings - should still be logged, though this detail may affect how it's logged and with what supplemental data.
Proposal
We should log, at the group level the three most important details of the MR approval settings and iterate to include additional settings later. Those three settings, as defined in #39060 (closed) are:
- Prevent approval of merge requests by merge request author
- e.g.
User
modifiedProject
toallow
merge request authors toapprove
their own merge requests - e.g.
User
modifiedProject
todeny
merge request authors from approving their own merge requests
- e.g.
- Prevent approval of merge requests by merge request committers
- e.g.
User
modifiedProject
toallow
merge request committers toapprove
their own merge request - e.g.
User
modifiedProject
todeny
merge request authors from approving their own merge requests
- e.g.
- Approvers List changes
- e.g.
User
modified approvers forProject
to1
from2
- e.g.
User
modified approvers forProject
to4
from2
- e.g.
These events should contain a default sort order of Newest to Oldest.