Draft: Fix approval policy effects on protected branches
requested to merge 456499-settings-for-merge-request-approval-policy-with-multiple-rules-not-being-properly-enforced into master
What does this MR do and why?
TODO
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Before
After
How to set up and validate locally
-
Create a new group and a contained project
-
On the project level:
- Navigate to
Settings > Repositoryand create the following branch protections:test-123developfoo*foobar
- Navigate to
-
On the group level:
- Navigate to
Security > Policiesand create the following MR approval policy:
- Navigate to
type: approval_policy
name: Block protected branches
enabled: true
rules:
- type: any_merge_request
branches: [test-*]
commits: any
- type: any_merge_request
branches: [develop]
commits: any
- type: any_merge_request
branches: [foo*]
commits: any
actions:
- type: require_approval
approvals_required: 1
role_approvers: [owner]
approval_settings:
block_branch_modification: true
prevent_pushing_and_force_pushing: true- On the project level, navigate to
Settings > Repositoryand verify that none of the previously created protections can be removed.
Related to #456499 (closed)
Edited by Dominic Bauer