Ensure Gitlab project merge requests has at least 2 approvals

Error: Gitlab project merge requests has less than 2 approvals
Bridgecrew Policy ID: BC_REPO_GITLAB_TF_2
Checkov Check ID: CKV_GLB_1
Severity: MEDIUM

Gitlab project merge requests has less than 2 approvals

Description

In GitLab, administrators can require that all merge requests receive a specific number of approving reviews before someone merges the pull request into a protected branch. It is also possible to require approving reviews from people with write permissions in the repository or from a designated code owner.

If a collaborator attempts to merge a pull request with pending or rejected reviews into the protected branch, the collaborator will receive an error message.

Fix - Buildtime

Terraform

  • Resource: gitlab_project
  • Attribute: approvals_before_merge
resource "gitlab_project" "example" {
...
+  approvals_before_merge = 2
...
}