Validates AppSec approval on security merge requests
What does this MR do?
Validates AppSec approval on security merge requests:
Now that we can execute package-and-qa builds on security merge requests, the validation of these done by an AppSec team member can be done before the merge request is merged. This commit ensure the validation has taken place, along with the maintainer validation, and adds an error if one of them is different.
Logic differs from merge requests targeting master and stable branches:
- If a merge request targets master, we validate two approvals: One from maintainer and another one from AppSec
- If a merge request targets a stable branch: Only one approval is verified.
Related to https://gitlab.com/gitlab-org/release-tools/-/issues/457
Testing:
Merge Request with no approval - https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/701
"<details>\n<summary><strong>The merge request requires two approvals</strong></summary>\n<br />\n\nThis merge request is missing an approval. Please ensure\nits approved by a maintainer, and by an AppSec team member.\n\n\n</details>\n"]
Merge Request with only maintainer approval - https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/702
"<details>\n<summary><strong>The merge request requires two approvals</strong></summary>\n<br />\n\nThis merge request is missing an approval. Please ensure\nits approved by a maintainer, and by an AppSec team member.\n\n\n</details>\n"]
Merge Request with both approvals (maintainer and AppSec) - https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/699