Allow MR authors to "request a code review" from individuals or groups
Problem to solve
At present, we have an implicit code review cycle in GitLab. We now have the idea of a code review in EE, but in order to get one, we typically follow these steps:
- Review the diff ourselves
- Check the Danger note to find suitable reviewers
- Assign the MR to a reviewer
- Leave a comment on the MR saying "
@nick.thomascan you review this MR for me?"` or so.
The reviewer then gets a TODO (actually, two of them), performs a review, and hands the MR back to the author with another comment like "Thanks, some feedback", etc. Or they might merge the MR, or approve the MR, or approve then merge. This is all quite manual at present.
With the introduction of multiple assignees for MRs, this is causing some pain as we have to manually manage assignees. I've started leaving myself assigned to MRs when I pass them onto a reviewer; this means that when their review is complete, all they have to do is unassign themselves, but workflows vary. Either way, it's a few extra clicks, which has unlocked some discussion and questioning about multiple assignees for MRs.
It would be great if, as the MR author, I could "request a review" as a first-class action. This could be linked to approver groups to allow me to request a review from a random person in the group, or I could specify a particular person to do the review. There'd be a little box for me to include any specific notes about the review being requested, and maybe a prompt to ensure that I'd reviewed the code myself before sending off the notifications.
We might or might not remove the author as an assignee at this point - personally, I like leaving them in. They can unassign themselves if that's their preferred workflow.
Behind the scenes, we'd generate a TODO for the selected reviewer, add them as an assignee, and send them a notification that puts them straight into the review frontend for the MR. When they chose "finish review", they could add a few notes by way of reply, and we'd automatically unassign them from the MR and ensure the review requestor was still an assignee (in case they unassigned themselves pending review completion). They could also choose whether to approve or not, and merge or not, as part of completing the review, all in a single action.
This simplifies the very common "please review my code" request, makes it explicit, and gives us opportunity to start introducing good practices around review etiquette and process to the reviewer and reviewee.
Permissions and Security
Reviewer must have access to the MR, of course.
What is the type of buyer?
Code reviews are currently GitLab Premium but I'd favour this being Core or Starter, and moving reviews to Core.