Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: selfapprove flag for approving policies #4794

Merged
merged 5 commits into from
Aug 8, 2024
Merged

feat: selfapprove flag for approving policies #4794

merged 5 commits into from
Aug 8, 2024

Conversation

lee2sh
Copy link
Contributor

@lee2sh lee2sh commented Jul 29, 2024
edited
Loading

what

introducing SelfApprove flag to control if the author can approve.

why

I think it makes sense to have the ability to control if the author can approve the policy checks.

tests

references

@lee2sh lee2sh requested review from a team as code owners July 29, 2024 16:22
@lee2sh lee2sh requested review from jamengual, lukemassa and nitrocode and removed request for a team July 29, 2024 16:22
@github-actions github-actions bot added the go Pull requests that update Go code label Jul 29, 2024
@chenrui333 chenrui333 added the feature New functionality/enhancement label Jul 29, 2024
@lee2sh lee2sh mentioned this pull request Aug 5, 2024
Open
1 task
@lee2sh
Copy link
Contributor Author

lee2sh commented Aug 6, 2024

@chenrui333 any chance that this can get more 👀 ? It would be much appreciated.

@jamengual jamengual added the waiting-on-review Waiting for a review from a maintainer label Aug 7, 2024
jamengual
jamengual previously approved these changes Aug 7, 2024
View reviewed changes
Copy link
Contributor

@jamengual jamengual left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@GMartinez-Sisti
Copy link
Member

GMartinez-Sisti commented Aug 7, 2024
edited
Loading

Can you update the documentation for this feature? Also is there a change on the current behavior? If so, might be considered a breaking change.

@lee2sh
Copy link
Contributor Author

lee2sh commented Aug 7, 2024

Can you update the documentation for this feature? Also is there a change on the current behavior? If so, might be considered a breaking change.

Will update the documentation. There is a slight change on the behavior where the policies would default to false if the selfapprove flag is not set, meaning the PR author would not be able to approve policies even if they are on the list of approvers.

chenrui333
chenrui333 previously approved these changes Aug 7, 2024
View reviewed changes
@chenrui333 chenrui333 removed the waiting-on-review Waiting for a review from a maintainer label Aug 7, 2024
@lee2sh lee2sh dismissed stale reviews from chenrui333 and jamengual via a30225d August 7, 2024 17:00
@github-actions github-actions bot added the docs Documentation label Aug 7, 2024
@jlee-nydig
Copy link

@chenrui333 @jamengual @GMartinez-Sisti updated the doc. Let me know what you guys think. Also, would it be possible for this to go out on the next release?

@jamengual
Copy link
Contributor

Can you update the documentation for this feature? Also is there a change on the current behavior? If so, might be considered a breaking change.

Will update the documentation. There is a slight change on the behavior where the policies would default to false if the selfapprove flag is not set, meaning the PR author would not be able to approve policies even if they are on the list of approvers.

this is a breaking change then, I don't think that Is a good option since the approved user (that happens to be the author ) can't approved it and it was added previously to the list of approvers.

@lee2sh
Copy link
Contributor Author

lee2sh commented Aug 7, 2024
edited
Loading

Can you update the documentation for this feature? Also is there a change on the current behavior? If so, might be considered a breaking change.

Will update the documentation. There is a slight change on the behavior where the policies would default to false if the selfapprove flag is not set, meaning the PR author would not be able to approve policies even if they are on the list of approvers.

this is a breaking change then, I don't think that Is a good option since the approved user (that happens to be the author ) can't approved it and it was added previously to the list of approvers.

@jamengual So there is an option to self approve even if you are the author. But IMO, I feel like it's a best practice not to give the author the ability to approve their own PR, especially when it involves policies/guardrails.

However, this option doesn't mean that the Owners cannot approve other policy checks on different PRs. That is totally feasible.

I think the freedom to choose whether or not you can approve your own PR is good to have.

@lee2sh
Copy link
Contributor Author

lee2sh commented Aug 7, 2024

@jamengual @GMartinez-Sisti @chenrui333 could we do something like this? Now, it's not a breaking change any more. I've inverted the flag so prevent_self_approve defaults to false and the current behavior persists. We now have the option to toggle prevent_self_approve to true to block PR author from approving.

@lee2sh
Copy link
Contributor Author

lee2sh commented Aug 8, 2024

@jamengual @GMartinez-Sisti @chenrui333 Thank you for approving this ❤️. Any chance that this can go onto the next release?

@jamengual jamengual merged commit df00031 into runatlantis:main Aug 8, 2024
28 checks passed
@jamengual
Copy link
Contributor

@jamengual @GMartinez-Sisti @chenrui333 Thank you for approving this ❤️. Any chance that this can go onto the next release?

yes, we will add it to the next release

@lee2sh lee2sh deleted the jsl/selfapprove branch August 8, 2024 22:53
synack-badamson
synack-badamson reviewed Aug 28, 2024
View reviewed changes
server/core/config/raw/policies.go
Name string `yaml:"name" json:"name"`
Owners PolicyOwners `yaml:"owners,omitempty" json:"owners,omitempty"`
ApproveCount int `yaml:"approve_count,omitempty" json:"approve_count,omitempty"`
PreventSelfApprove bool `yaml:"self_approve,omitempty" json:"prevent_self_approve,omitempty"`
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

PreventSelfApprove bool         `yaml:"self_approve,omitempty" json:"prevent_self_approve,omitempty"`

Shouldn't both yaml and json defs here have prevent_self_approve?

@BrewTestBot BrewTestBot mentioned this pull request Aug 28, 2024
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@synack-badamson synack-badamson synack-badamson left review comments

@GMartinez-Sisti GMartinez-Sisti GMartinez-Sisti approved these changes

@jamengual jamengual jamengual approved these changes

@chenrui333 chenrui333 chenrui333 left review comments

@lukemassa lukemassa Awaiting requested review from lukemassa lukemassa is a code owner automatically assigned from runatlantis/core-contributors

@nitrocode nitrocode Awaiting requested review from nitrocode nitrocode is a code owner automatically assigned from runatlantis/core-contributors

Assignees
No one assigned
Labels
docs Documentation feature New functionality/enhancement go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@lee2sh @GMartinez-Sisti @jlee-nydig @jamengual @chenrui333 @synack-badamson