We have a CI/CD setup in Azure DevOps that gets triggered from push on master branch. Is it possible to make the approver the user that was the cause of the build trigger?
The idea behind this is that we have many developers in our team so I want the specific dev that pushed changes make the decision on whether or not they want the changes deployed, vs. a dedicated approver.
Short answer, no.
Context:
This is the opposite of a good practice, which is why there's an option to require someone else to be the approver, but not the person who made the change. You don't want the person who made a change to be the one to approve it, because that enables a single person to sneak a change through. This means that mistakes can slip through, or even intentionally malicious changes.
The best practice is to require someone other than the person who made a change to review and approve the change.
While I totally agree with #Daniel Mann on why this shouldn't be done, the way I've seen it happen is that the Team is assigned as the recipient of the approval request, and the user requesting a release or deployment should not approve it checkbox remains unchecked.
Then to avoid the inbox noise of the approval request, turn off the notification for the team about pending release approvals.
EDIT
If you must have only that one person assigned as the valid user to approve changes for deployment, you could do this too, but it wouldn't be pretty. You could have a "stage" per person. These stages would use artifact filters in the pre-deploy conditions to only send approval email to the person that stage is for.
After the approval it forwards to the actual deployment stage to do the work.
Now you need to add the username or something as the tag on the build. I'm unsure if there's a tool/task to do this as part of the build pipeline to keep it continuous, but I know you could figure out how to do it from the REST api. Perhaps you would need to create a pre-approval stage that runs a PS script to access the REST api and tag the provided build with the value of requestedBy property on the build.
Again, see how hard it is to do this? That probably means you're not following best practices. "Make the right things easy and the wrong things hard." -Unknown
Related
Hey I have Gitlab CE version and I would like to implement a job that verifies approvals from a peer. I know this feature is totally available for premium and ultimate versions. However, I already created a little hack that verifies that the person who approves the MR is different from the one who created it.
My question is: is there a way to cancel the approval, without being manually, if there has been a change to the code?
is there a way to cancel the approval, without being manually, if there has been a change to the code?
This is already the default behavior in GitLab. When new commits are pushed the source branch of an MR, all approvals are removed.
However, if that setting is not available in GitLab Free, there is no workaround for this as only the approver can revoke their own approval. You might be able to make a pipeline job remove the approval using the API, if you have a personal access token for every approver available in the job, but this is quite impractical.
is it possible to collaborate online with TFS? I mean, when I move a task, others can see it in real time without sharing screen or updating the page. Thank you!
Azure DevOps Server 2020 Update 1 RC1 and higher has live updates on work items. If you change a work item someone else has open in view mode, it will update in their client.
Alternatively
You can enable notifications using ../DefaultCollection/_usersSettings/notifications
You can use the Follow icon to follow a work item. Any changes will result in an e-mail to you saying the item has changed, and what has changed.
If you move a story out of an iteration, the Taskboard (../_sprints/taskboard/..) view updates automatically for all users viewing that iteration
Similarly, if you add/edit/move/change state on a task in an iteration the Taskboard will update.
I am new to GitLab. I want to create a list of reviewers for my project. How do I can create it? I just want to assign a reviewer from my group to one merge-request.
TIA
There are several possibilites regarding the Merge Request Approvals documentation:
Enforcing review of all code that gets merged into a repository.
Specifying reviewers for a given proposed code change, as well as a minimum number of reviewers, through Approval rules.
Specifying categories of reviewers, such as backend, frontend, quality assurance, database, and so on, for all proposed code changes.
Designating Code Owners as eligible approvers, determined by the files changed in a merge request.
If you want to organize your developers, you can also use a group, for example.
I am having a hard time finding a definitive answer on the internet. Is there a way to customize GitLab notification emails? For example, when a pipeline has passed, I want to give more precise information than the ones provided by the default sent email.
If it's not yet implemented, from where comes the email parameters (e.g., branch, commit)? I don't understand how they work.
Thanks!
Currently I have an GitHub repo that I use for collaboration. I want anyone to be able to join it.
GitHub currently requires users to first find me (there is no form to request) and ask me and then they are mailed an invitation which they then have to accept.
I'm guessing there is an app out there for this but I can't find it.
I'm looking for either an integration that takes a turns a issue comment into a team add, or form the user can request an invite from.
Forking a repo remains the official way to contribute without asking. Then the contributor can make a pull request back to the original repo.
The goal is to "manage" (through PR review) the flow of contribution.
The other alternative would be to add several people owner of an organization team: that way, you would be the only one people would have to ask in order to be collaborators.
If this is an organization that you're trying to add members to, there is already some automation around that.
JazzBand allows anyone to join the organization. Their website uses the same mechanisms as add-to-org to add people to an organization.
Looking at their source code, it appears both use the GitHub API to add members to an organization.
PUT /orgs/:org/memberships/:username
That said, if this is a personal repository, you'll instead want to follow the API to add a collaborator
PUT /repos/:owner/:repo/collaborators/:username
It's likely you could modify either of those projects to fit this need. Cheers!