Skip to content

Add Note for group membership

What does this MR do and why?

Recent ticket (internal) revealed an edge case where CODEOWNERS approval appeared as optional, if the group of approvals had inherited membership in the target project. Adding the approvals group as a direct members into the project was making the CODEOWNERS approval as required. This is not mentioned clearly in our documentation

This MR adds explicit note that for groups to be used as Code Owners and to make approval as required, the groups must have a direct membership and not inherited from the higher parent groups. The same is for the members of the Code Owners group.

Currently the docs do not mention this and that creates confusion with the clients and internal team.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Create a project structure

    top-level_group (UserA/direct member, UserB/direct member, Infrastructure_subgroup/direct member)
    |
    |
    Teams_subgroup -- Infrastructure_subgroup (UserA/inherited member, UserB/inherited member)
    |
    |
    ProjectA (Infrastructure_subgroup/inherited member)
  2. In the ProjectA settings enable required Code Owners approval (Settings-->Repository-->Protected Branches) image

  3. Create CODEOWNERS file in ProjectA

    [Infrastructure]
    .gitlab-ci.yml @top-level_group/Teams_subgroup/Infrastructure_subgroup
    .gitlab/       @top-level_group/Teams_subgroup/Infrastructure_subgroup
    terraform/     @top-level_group/Teams_subgroup/Infrastructure_subgroup
    README.md      @top-level_group/Teams_subgroup/Infrastructure_subgroup
  4. UserA to create an MR changing README.md file

  5. CODEOWNERS approval will be shown as optional

Next, add UserA and UserB as direct members of the group Infrastructure_subgroup. Also add Infrastructure_subgroup as a direct member into the ProjectA. Then create a new MR changing README.md. This time the Code Owners approval will be Required.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Anton Starovoytov

Merge request reports

Loading