Merge request approvals

You can configure your merge requests so that they must be approved before they can be merged. While GitLab Free allows all users with Developer or greater permissions to approve merge requests, these approvals are optional. GitLab Premium and GitLab Ultimate provide additional flexibility:

  • Create required rules about the number and type of approvers before work can merge.
  • Specify a list of users who act as code owners for specific files, and require their approval before work can merge.

You can configure merge request approvals on a per-project basis, and some approvals can be configured on the group level. Support for group-level settings for merge request approval rules is tracked in this epic. Administrators of GitLab Premium and GitLab Ultimate self-managed GitLab instances can also configure approvals for the entire instance.

How approvals work

With merge request approval rules, you can set the minimum number of required approvals before work can merge into your project. You can also extend these rules to define what types of users can approve work. Some examples of rules you can create include:

You can also configure:

Approve a merge request

When an eligible approver visits an open merge request, GitLab displays one of these buttons after the body of the merge request:

  • Approve: The merge request doesn’t yet have the required number of approvals.
  • Approve additionally: The merge request has the required number of approvals.
  • Revoke approval: The user viewing the merge request has already approved the merge request.

Eligible approvers can also use the /approve quick action when adding a comment to a merge request. In GitLab 13.10 and later, if a user approves a merge request and is shown in the reviewer list, a green check mark ( ) displays next to their name.

After a merge request receives the number and type of approvals you configure, it can merge unless it’s blocked for another reason. Merge requests can be blocked by other problems, such as merge conflicts, unresolved threads, or a failed CI/CD pipeline.

To prevent merge request authors from approving their own merge requests, enable Prevent author approval in your project’s settings.

If you enable approval rule overrides, merge requests created before a change to default approval rules are not affected. The only exceptions are changes to the target branch of the rule.

Optional approvals

Introduced in GitLab 13.2.

GitLab allows all users with Developer or greater permissions to approve merge requests. Approvals in GitLab Free are optional, and don’t prevent a merge request from merging without approval.

Required approvals

Moved to GitLab Premium in 13.9.

Required approvals enforce code reviews by the number and type of users you specify. Without the approvals, the work cannot merge. Required approvals enable multiple use cases:

Invalid rules

Version history
On self-managed GitLab, by default this feature is not available. To make it available per project or for your entire instance, ask an administrator to enable the feature flag named invalid_scan_result_policy_prevents_merge. On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.

Whenever an approval rule cannot be satisfied, the rule is displayed as (!) Auto approved. This applies to the following conditions:

  • The only eligible approver is the author of the merge request.
  • No eligible approvers (either groups or users) have been assigned to the approval rule.

These rules will be automatically approved (fail-open state) to unblock their respective merge requests, unless they were created through a security policy.

Invalid approval rules created through a security policy are presented with (!) Action Required and are not automatically approved (fail-closed state), blocking their respective merge requests.