Stefan

Reputation: 14863

GitLab CODEOWNERS: do not require approval for certain files (package.json)

We are switching to GitLab and are having trouble excluding the package.json (and lock) from the CODEOWNERS file.

Our previous configuration was like this:

* @team-1

# Since the package.json and the package-lock.json are regularly changed by every team (f.e. when upgrading a specific),
# changing these files is allowed to be changed by anyone (including RenovateBot)
^[PACKAGE]
package.json
package-lock.json

# Explicitly protect CODEOWNERS
CODEOWNERS * @team-1

This was previously working in Bitbucket, but now the * rule applies to package.json as well. So Renovate bot cannot automatically merge the changes to the package.json anymore, because they need approval from team-1.


We tried to exclude them from the * rule, but negations are not supported by GitLab. In all GitLab examples, the code is structured in different folders for different teams, but that is not applicable here, since we cannot restructure our code like this.

Is it possible for package.json and package-lock.json not to require the approval of team-1?

Upvotes: 1

Views: 980

Answers (2)

VonC

Reputation: 1326376

GitLab 15.9 (February 2023) provides a new option, but only for Premium or Ultimate:

Require multiple approvals from Code Owners

You can now precisely define for which files, file types, or directories approval has been designated as optional, required approval by one user, or by multiple users. The latter being the new improvement of the CODEOWNERS file.

So far, if you needed to require multiple approvers be it for compliance reasons or other reasons, you could only do so with an approval rule.

However, unlike Code Owner approvals, approval rules apply to entire branches and cannot be refined to apply to specific parts of your code base. So, the multiple approvals would have also been required for changes that do not need a high level of scrutiny leading to unnecessary reviews.

https://about.gitlab.com/images/15_9/require_multiple_approvals_from_codeowners.png -- Require multiple approvals from Code Owners

See Documentation and Issue.

Upvotes: 0

Simon Bräuer

Reputation: 86

Your problem is that you are using an optional section to exclude the package files.

You should consider not using the optional section ^[PACKAGE] at all and instead make everyone an owner of the package files, which you already did, but only inside the section.

E.g.:

* @team-1

# Since the package.json and the package-lock.json are regularly changed by every team (f.e. when upgrading a specific),
# changing these files is allowed to be changed by anyone (including RenovateBot)
package.json
package-lock.json

# Explicitly protect CODEOWNERS
CODEOWNERS * @team-1

As already described here https://github.com/renovatebot/renovate/issues/6473#issuecomment-855543240

Upvotes: 1
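
A simplified model of the resolution both configurations in this thread rely on, as an added example (not code from the thread or from GitLab). It assumes sections are evaluated independently, the last matching entry in a section wins, optional sections never add required approvals, and an entry with no owners requires none; section default owners and approval counts are not modelled.

```python
import fnmatch
import re

# Configs from the question and from the answer above (comments dropped).
QUESTION = "* @team-1\n^[PACKAGE]\npackage.json\npackage-lock.json\nCODEOWNERS * @team-1\n"
ANSWER = "* @team-1\npackage.json\npackage-lock.json\nCODEOWNERS * @team-1\n"

def parse(text):
    """Split a CODEOWNERS file into sections of (pattern, owners) entries."""
    sections = [{"optional": False, "entries": []}]  # entries before any header
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        header = re.match(r"(\^)?\[[^\]]+\]", line)
        if header:  # "^[Name]" marks the section optional
            sections.append({"optional": bool(header.group(1)), "entries": []})
            continue
        pattern, *rest = line.split()
        # Assumption: only tokens starting with "@" are treated as owners.
        sections[-1]["entries"].append((pattern, [t for t in rest if t.startswith("@")]))
    return sections

def matches(pattern, path):
    """Simplified matching: a pattern without '/' matches the file name at any depth."""
    if "/" not in pattern:
        return fnmatch.fnmatchcase(path.rsplit("/", 1)[-1], pattern)
    return fnmatch.fnmatchcase(path, pattern.lstrip("/"))

def required_owners(text, path):
    """Owners whose approval is required for `path` under the assumed model."""
    required = set()
    for section in parse(text):
        hit = None
        for pattern, owners in section["entries"]:
            if matches(pattern, path):
                hit = owners  # the last matching entry in a section wins
        if hit and not section["optional"]:
            required.update(hit)
    return required

def unowned(text, paths):
    """Paths that can merge without any Code Owner approval."""
    return [p for p in paths if not required_owners(text, p)]

if __name__ == "__main__":
    paths = ["package.json", "package-lock.json", "src/app.js", "CODEOWNERS"]
    print(unowned(QUESTION, paths), unowned(ANSWER, paths))
```

Because bare names match at any depth in this model, nested manifests such as frontend/package.json are also left without a required owner under the answer's configuration.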
