►
From YouTube: Compliance and approvals in Merge Requests
Description
Sharing where the compliance group is impacting the merge request experience
A
And
slack
pedro
messaged
me
asking
me
to
just
share
a
little
bit
about
where
the
compliance
group
has
been
working
along
source
code
and
code
reviews
to
make
some
additions
or
enhancements
to
merge
requests
specifically
around
the
approvals
features
and
so
for
mike
the
other
part
designer.
This
is
a
bit
of
a
informational
update.
I
thought
it
would
be
easier
just
to
do
a
couple
walk-throughs
through
a
few
issues,
or
rather
epics,
that
we
have
outstanding
that
we're
currently
working
on
as
a
way
to
help
disseminate
that
knowledge.
A
So
I'll
start
from
what
are
we
kind
of
working
on
and
work
towards
like?
What's
coming
more
down
the
road?
Now
there
are
three
ones
that
stuck
out
immediately
in
my
mind,
and
there
might
be
some
more
out
there,
but
we'll
kind
of
come
across
as
over
time.
The
first
one
is
this
notion
of
being
able
to
link,
merge
requests
to
jira
and
the
intent
here
is.
There
are
instances
where
organizations
are
using
jira
for
their
project
management
and
git
lab
for
their
source
code
and
when
they're
creating
merge
requests.
A
A
So
I
believe
that
work
has
kind
of
started.
I
think
we
have
some
of
the
discovery
work
being
done
in
13-8,
so
I
think
they're
starting
to
build
the
framework
to
make
this
happen
and
we'll
see
how
far
we
get
with
that.
A
The
next
one,
this
one
does
deal
a
lot
more
with
the
approval
section.
So
currently
you
can
map
physical
people
as
approvers
to
a
merge
request,
so
you
can
request
that
specific
users
or
group
of
users
be
the
approvers
for
the
merge,
request
and
they're
instances
where
organizations
want
to
also
use
a
payload
check
against
an
api
to
ensure
that
that
thing
is
up
and
good
and
there
to
establish
a
good
connection.
I
guess
for
their
builds
and
so
they've
wanted
to
be
able
to
add,
essentially
an
api
as
a
third-party
approver.
A
So
for
this,
we've
at
we've
suggested
to
add
a
different
dynamic
to
the
merge
request,
approvals
and
it'll
show
up
and
there.
So
currently
you
do
users
or
groups,
and
you
pick
your
your
approvers
and
so
the
way
you
could
then
flip.
This
would
be
picking
that
same
drop
down
and
choosing
to
do
an
approval
gate
instead
and
then
you'd
be
putting
in
an
api
to
reference.
A
The
way
that
manifests
itself
with
any
actual
merge
request
and
be
right
alongside
the
approvers
there'd,
be
a
little
drop
down
or
really
a
collapsible
section.
That
says
here
are
the
approval
gates
that
are
being
checked
alongside
the
eligible
approvers,
and
this
would
tell
you
whether
or
not
they've
passed
or
failed
a
quick
check.
A
And
so
the
last
one
here
is
in
workflows,
mission
validation.
So
we
have
some
research,
that's
ongoing
to
essentially
create
a
way
to
bypass
the
protections
that
would
normally
prevent
a
merge
request
from
going
into
master
or
the
default
branch
whatever
that
may
be
as
a
way
to
help
gatekeep
from
problems
getting
in
we've
definitely
heard.
A
There
are
instances
where
perhaps
a
team
doesn't
want
to
wait
to
be
able
to
do
all
the
necessary
checks,
like
let's
say
the
approvers
aren't
available
at
the
end
of
the
day
on
a
friday,
and
they
just
really
have
to
get
this
change
in
and
they
feel
very
confident
that
it'll
be
totally
fine,
but
because
no
one's
there
they
don't
really
have
an
option
so
to
help
provide
more
flexibility
into
this.
We're
trying
to
give
the
ability
to
force
merge.
So
this
would
be
able
to
say
yeah.
We
can
ignore
your
pipelines.
A
We
can
ignore
your
approval
status.
What
have
you
that
would
normally
prevent
you
from
pushing
this
change
and
allow
you
to
do
it?
We're
trying
to
do
this?
Only
with
group
owners
as
the
specified,
pers
or
group
of
functionality
that
we
want
to
share
with,
we
think
that
might
be
the
smallest
blast
radius,
because
we
understand
that
this
is
a
rather
impactful
thing.
A
A
Alternatively,
if
you
are
a
group
owner
and
your
developer
pings
you,
you
can
come
in
and
hit
the
force
merge
button
get
a
little
bit
of
awareness
of
what
this
would
do
and
there's
one
more
step
that
prevents
you
from
doing
that.
Just
in
case
you
know
what
this
thing
does
we're
trying
to
just
let
you
know
like
hey:
this
could
break
your
builds.
You
know
it's
more
of
an
administrative
task.
It
would
definitely
take
some
special
knowledge
of
knowing
that
this
would
be
okay.
A
So
this
is
definitely
more
of
like
an
edge
case
thing,
but
it
should
be
able
to
provide
much
more
flexibility
in
those
instances
where
it
makes
sense
to
use
it,
and
so
this
provides
additional
checks
into
getting
people
to
get
that
thing.
In
but
without
having
to
use
the
traditional
means
of
doing
so,
so
those
were
the
three
issues
that
were
outstanding
or
epics
that
were
outstanding.
In
my
mind,
that
related
to
merge,
requests
and
approvals.