## Summary Implement automatic CODEOWNERS assignment to achieve competitive parity with major competing platforms. This epic delivers native CODEOWNERS automation that assigns all group members individually when MRs match ownership patterns, creating the foundation for DAP-powered intelligence enhancements in Phase 2. ## Problem Statement GitLab lacks automated CODEOWNERS assignment - a standard feature in major competing platforms - putting us behind on essential reviewer workflow capabilities. Users must manually select reviewers for every MR, creating friction particularly for large organizations with established ownership patterns. **Current State:** - CODEOWNERS generates approval rules automatically via `SyncCodeOwnerApprovalRules` - Reviewers must be assigned manually through UI, API, or quick actions - No connection between code ownership and reviewer assignment **Desired State (Phase 1):** - **Automatic Group/User Assignment**: When MR matches CODEOWNERS patterns, assign all group members individually (matching current `/assign_reviewer @security-team` behavior) - **CODEOWNERS File Processing**: Parse and evaluate file patterns against MR changed files - **Manual Override**: Preserve existing reviewer dropdown functionality for custom assignments - **Audit Trail**: Track automatic vs. manual assignments for analysis ## Business Justification **Competitive Parity:** Major competing platforms offer automated CODEOWNERS assignment as standard functionality. GitLab currently lags behind on essential reviewer workflow capabilities. **Developer Productivity:** Eliminates manual reviewer selection overhead. Each automated assignment saves 2-5 minutes of manual selection time while ensuring appropriate reviewers are notified immediately. **Foundation for Intelligence:** Creates the infrastructure necessary for Phase 2 DAP enhancements, where intelligent selection replaces group assignment to solve diffusion of responsibility problems. ## Acceptance Criteria ### Core Functionality - [ ] **Automatic Group Assignment**: When MR matches CODEOWNERS patterns, assign all group members individually (replicating current `/assign_reviewer @security-team` behavior) - [ ] **CODEOWNERS File Processing**: Parse and evaluate file patterns against MR changed files using existing GitLab pattern matching infrastructure - [ ] **Pattern Matching Accuracy**: Achieve >95% accuracy in CODEOWNERS pattern matching and group resolution for typical repository structures - [ ] **Manual Override Preservation**: Maintain existing reviewer dropdown functionality - manual assignments take precedence over automatic assignments - [ ] **Permission Compliance**: All assignments respect existing approval rules, user permissions, and project access controls ### Audit and Analytics - [ ] **Assignment Tracking**: Track automatic vs. manual assignments for analysis and optimization - [ ] **Assignment Decision Logging**: Record which CODEOWNERS patterns triggered assignments and which users were selected - [ ] **Performance Metrics**: Monitor CODEOWNERS detection accuracy and assignment completion rates - [ ] **Audit Trail**: Maintain visibility into assignment decisions for compliance and debugging ### User Experience - [ ] **Seamless Integration**: Assignment happens automatically without disrupting existing MR creation workflow - [ ] **Override Capability**: Users can modify auto-assigned reviewers using existing UI without losing assignment history - [ ] **Notification Consistency**: Auto-assigned reviewers receive same notifications as manually assigned reviewers ### Performance & Scale - [ ] **Assignment Decision Speed**: Complete assignment decisions within <2 seconds for typical MR complexity and CODEOWNERS patterns - [ ] **GitLab.com Scale**: Handle assignment logic at GitLab.com volume without performance regression - [ ] **Large CODEOWNERS Support**: Optimize parsing for large CODEOWNERS files and complex pattern hierarchies - [ ] **Graceful Failure**: Handle edge cases (malformed CODEOWNERS, permission issues, unavailable users) without blocking MR creation ## Technical Scope ### Backend Implementation **Core Service Development:** - Extend `EE::MergeRequests::CreateService` to trigger reviewer assignment after approval rule sync - Create `MergeRequests::AssignCodeOwnerReviewersService` that reads existing `ApprovalMergeRequestRule` records with `rule_type: :code_owner` and assigns the corresponding users as reviewers - Add project settings boolean field for enabling/disabling the feature **Database Changes:** - Add `auto_assign_code_owner_reviewers` boolean to `project_settings` table **API Integration:** - Use existing MR reviewer assignment APIs to assign Code Owners as reviewers - Extend project settings API to support the new auto-assignment toggle **Worker Integration:** - Create `AutoAssignCodeOwnerReviewersWorker` triggered by MR creation and updates, following the same pattern as `SyncCodeOwnerApprovalRulesWorker` ### Frontend Implementation **Project Settings:** - Add simple toggle for "Automatically assign Code Owners as reviewers" in project settings **Merge Request Interface:** - Show auto-assignment indicators in reviewer section - Display clear indication when reviewers were automatically assigned from CODEOWNERS ## Dependencies **Prerequisites:** - Existing CODEOWNERS implementation (`Gitlab::CodeOwners` namespace) - Existing approval rules sync infrastructure (`SyncCodeOwnerApprovalRules`) - Current reviewer assignment API endpoints - User permission and notification systems **No External Dependencies:** This epic leverages existing GitLab infrastructure without requiring external services, AI models, or third-party integrations. ## Success Metrics **Assignment System Performance:** - **CODEOWNERS Detection Accuracy**: >95% of MRs correctly matched to ownership patterns - **Assignment Completion Rate**: >95% of CODEOWNERS patterns successfully assigned reviewers - **Assignment Decision Speed**: <2 seconds for typical MR complexity and CODEOWNERS patterns **Assignment Quality & Distribution:** - **Automatic Assignment Coverage**: % of approval-required MRs receiving automatic reviewer assignments - **Assignment-to-Review Latency**: Time from MR creation to reviewer assignment completion - **Manual Override Rate**: % of automatic assignments manually changed by users (baseline for Phase 2 optimization) **System Integration:** - **Performance Impact**: No measurable regression in MR creation time - **Error Rate**: <1% assignment failures due to parsing errors, permissions, or edge cases - **Audit Completeness**: 100% of assignments tracked with decision reasoning and source attribution ## Dependencies **Hard Prerequisites:** - Existing CODEOWNERS implementation (`Gitlab::CodeOwners` namespace) - Existing approval rules sync infrastructure (`SyncCodeOwnerApprovalRules`) - Current reviewer assignment API endpoints and notification systems **Integration Dependencies:** - Group membership resolution and permission validation systems - MR creation workflow and async job processing infrastructure - Existing reviewer assignment UI components and workflows **No External Dependencies:** This epic leverages existing GitLab infrastructure without requiring external services, DAP integration, or third-party systems. ## Implementation Phases **Phase 1.1 - Core Infrastructure:** - Backend service development and testing - Database schema changes and migrations - Basic selection algorithm implementation **Phase 1.2 - User Interface:** - Project settings page integration - MR interface updates with assignment indicators - Admin configuration interface **Phase 1.3 - Testing & Documentation:** - Comprehensive testing with large CODEOWNERS files - Performance testing with high MR creation volume - User documentation and migration guides ## Risks and Mitigations **Risk: Performance impact on MR creation** - Mitigation: Async processing via background workers, comprehensive performance testing **Risk: User confusion about automatic assignments** - Mitigation: Clear UI indicators, comprehensive documentation, gradual rollout **Risk: Large CODEOWNERS groups creating notification spam** - Mitigation: Configurable limits, intelligent selection algorithms, notification preferences **Risk: Interaction with existing manual assignment workflows** - Mitigation: Clear override mechanisms, preserve existing API compatibility ## Customer Interest This feature addresses a significant customer pain point documented in Issue #364847, with substantial customer demand demonstrated through multiple Salesforce customer feedback cases: 1. `https://gitlab.my.salesforce.com/0016100001ZPiiCAAT` 2. `https://gitlab.my.salesforce.com/00161000004zq6r` 3. `https://gitlab.my.salesforce.com/0014M00001yRHoE1` 4. `https://gitlab.my.salesforce.com/0018X000032VVP8` [Additional Customer References](https://gitlab.com/groups/gitlab-org/-/epics/20708#note_3056254704) Original [issue](https://gitlab.com/gitlab-org/gitlab/-/work_items/364847) had over 130 upvotes from users.