Require MR approvals_required set in project to be a hard minimum, per MR overrides can't be lower

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

As an SRE working in a large monorepo, we set approval rules on the repo which are very broad - Minimum 2 approvers, anybody who is a member of the project can approve (which ends up being the majority of our Engineering org). We expect Engineers to override the approval rule to scope down to the specific approvers that they want to approve, however, as a matter of company policy, we always require a minimum of 2 approvers.

Since 12.2 (!14902 (merged)), a change was made to allow approval overrides to suddenly start going below the minimum set in the project, and the MR Override UI always defaults to 1, instead of to the project default.

Intended users

• Rachel (Release Manager)
• Delaney (Development Team Lead)
• Sasha (Software Developer)
• Devon (DevOps Engineer)
• Sidney (Systems Administrator)
• Simone (Software Engineer in Test)
• Allison (Application Ops)

Further details

Proposal

While we see the use case and value in allowing some GitLab users the ability to override lower, this causes us problems, so we'd like to see either:

1. The UI box in approval override default to the same value as the project default.
2. A toggle on the project approval defaults to not allow a value lower than the project default.
3. Maybe both of the above?

Permissions and Security

Documentation

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references

• !14902 (merged)
• gitlab-foss!31268 (merged)