Add prevent approval by committer check for GitLab standards adherence
What does this MR do and why?
- Add prevent approval by committer check to Gitlab standard. This check is executed whenever 'prevent approval by committer' merge request approval setting is updated. It creates a row inside the
projects_compliance_standards_adherence
table storing the current compliance status for the project. - Create
group_base_worker.rb
andbase_worker.rb
and inherit new and existing workers insidecompliance_management/standards/gitlab
from it. - Move a lot reusable code to the
compliance_management/standards/gitlab/base_service.rb
and inherit the other services insideee/app/services/compliance_management/standards/gitlab/
from it.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
Test the project level settings
- Ensure that you have a GitLab Ultimate license.
- Enable feature flag
Feature.enable(:compliance_adherence_report)
- Run
Projects::ComplianceStandards::Adherence.for_check_name(:prevent_approval_by_merge_request_committers).count
inside rails console and ensure that the count is zero. - Navigate to a project's Settings > Merge requests and then enable 'Prevent approvals by users who add commits' setting.
- Run
Projects::ComplianceStandards::Adherence.last
inside rails console and ensure that a row with correct attributes for status, check_name, standard is created. - Navigate to a project's Settings > Merge requests and then disable 'Prevent approvals by users who add commits' setting.
- Run
Projects::ComplianceStandards::Adherence.last
inside rails console and ensure that thestatus
column has been updated tofail
fromsuccess
.
Test the group level settings
- Navigate to a group's Settings > General. Expand the 'Merge request approvals' section and then enable 'Prevent approvals by users who add commits' setting.
- Run
Projects::ComplianceStandards::Adherence.for_check_name(:prevent_approval_by_merge_request_committers).for_group(<group_id>)
inside rails console and ensure that records for all the projects inside that group is is created (including projects inside a sub-groups). - Also ensure that the fields for these rows are correct, the
status
should be 'success' for all the rows,standard
should be 'gitlab' andcheck_name
should be 'prevent_approval_by_merge_request_committers'. - Navigate to a group's Settings > General. Expand the 'Merge request approvals' section and then disable 'Prevent approvals by users who add commits' setting.
- Run
Projects::ComplianceStandards::Adherence.for_check_name(:prevent_approval_by_merge_request_committers).for_group(<group_id>)
inside rails console and verify that the the rows have status as per their project settings.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Closes #413234 (closed)
Edited by Huzaifa Iftikhar