mergify icon indicating copy to clipboard operation
mergify copied to clipboard
verified publisher icon Mergifyio

Show warning if assignee is trying to merge a PR without reviews

Open HaruChebrolu opened this issue 1 year ago • 11 comments

Expected Behavior

PR shouldn't be merged when PR has no reviews or if assignee is trying to merge it.

Actual Behavior

PR was getting merged

Steps to Reproduce the Problem

  1. We have below configuration in mergify.yaml
  ---
pull_request_rules:
  - name: automatic merge
    conditions:
      - label!=DNM
      - label!=work-in-progress
      - base=master
      - "approved-reviews-by=@red-hat-storage/cephci-top-level-reviewers"
      - "check-success=tox (3.9.18)"
      - check-success=WIP
    actions:
      merge:
        method: merge
  - name: ask to resolve conflict
    conditions:
      - conflict
    actions:
      comment:
        message: >
          "This pull request now has conflicts with the target branch.
          Could you please resolve conflicts and force push the corrected
          changes?"
  1. So anyone can have a label approved in labels, so its getting merged.
  2. Can we have a condition in above configuration file in such a way only when reviewers keep label as approved, PR should get merged.

Specifications

  • Pull Request URL:
  • Mergify Config URL:

HaruChebrolu avatar Oct 03 '24 09:10 HaruChebrolu

Hi @HaruChebrolu,

There are no label conditions in your configuration above. I imagine you want to add one? In that case you'd need:

pull_request_rules:
  - name: automatic merge
    conditions:
      - label!=DNM
      - label!=work-in-progress
      - label = approved
      - base=master
      - "approved-reviews-by=@red-hat-storage/cephci-top-level-reviewers"
      - "check-success=tox (3.9.18)"
      - check-success=WIP
    actions:
      merge:
        method: merge

This means the label approved will be required to merge the PR.

jd avatar Oct 03 '24 09:10 jd

yes @jd , you are right I also need a condition only when reviewers add a label, only when PR should get merged. Could you please help me with that.

HaruChebrolu avatar Oct 03 '24 09:10 HaruChebrolu

Hi @HaruChebrolu ,

Thanks for taking the time to formulate your issue,

If we understand correctly, you want to block the merge if the label approved is not set by someone whose a reviewer on the PR, is that right?

In other words, the PR, once approved by reviewers, should only be merged if the label approved is set by one of those said reviewers, is that right?

If that's the case, there's no way to know in Mergify who added the label so you can't write a condition for that.

Syffe avatar Oct 03 '24 12:10 Syffe

A good question for @HaruChebrolu would be: what are you trying to implement/achieve in term of workflow? As in, what's the problem with the current rule that you have?

jd avatar Oct 03 '24 13:10 jd

yes @Syffe , you are right! Thats what we are trying to implement in our workflow

HaruChebrolu avatar Oct 05 '24 13:10 HaruChebrolu

@Syffe @jd Could you please provide an update on this?

HaruChebrolu avatar Oct 09 '24 04:10 HaruChebrolu

@HaruChebrolu If you don't answer our questions, it's impossible to help you.

jd avatar Oct 09 '24 05:10 jd

@jd I provided answer for @Syffe's question, the understanding of @Syffe is right. We want to implement the workflow in such a way that only when the PR, once approved by reviewers, should only be merged if the label approved is set by one of those said reviewers

HaruChebrolu avatar Oct 09 '24 06:10 HaruChebrolu

@HaruChebrolu Right but you did not answer mine. 😢

To reply to your initial question, this is simply not possible; Mergify does not expose the information of who sets a label. That's why I'm asking you why and what you want to achieve. You're coming up with a solution which might be the good one, cf https://en.wikipedia.org/wiki/XY_problem

jd avatar Oct 09 '24 07:10 jd

@jd The current problem with our workflow is anyone can assign a label as "approved"(even without having valid approvals from reviewers) and then mergify would merge it based on label "approved".

HaruChebrolu avatar Oct 09 '24 13:10 HaruChebrolu

Hi @HaruChebrolu,

I understand your concern, but I'm a bit unclear about what you mean by "anyone" being able to assign the "approved" label. Typically, only users with the necessary permissions can add labels to a repository.

It would be helpful if you could provide more details about the specific issue you're encountering. Could you explain the real problem you're trying to solve? Understanding the root of the issue will allow us to find the best possible solution.

You mentioned wanting a condition where only when reviewers add the "approved" label should the PR be merged. Unfortunately, Mergify doesn't have the capability to detect who added a label, so we can't implement that exact solution.

Let's take a step back to understand your workflow needs. Are you concerned that pull requests are being merged without proper approval because labels are being added by unauthorized users? If so, we might be able to explore alternative approaches to ensure that only appropriately reviewed PRs are merged.

Please share more details about the challenges you're facing, and we'll do our best to assist you.

jd avatar Oct 09 '24 14:10 jd