Require using Merge Requests for projects in https://code.chakralinux.org/chakra/packages

@all, I suggest the following settings to be applied on ~~2019-11-10~~ 2019-11-11.

Merge Requests

Merge method

Fast-forward merge
No merge commits are created
Fast-forward merges only
When conflicts arise the user is given the option to rebase

Merge options

Merge pipelines will try to validate the post-merge result prior to merging
Pipelines need to be configured to enable this feature.

Automatically resolve merge request diff discussions when they become outdated

Show link to create/view merge request when pushing from the command line

Merge checks

These checks must pass before merge requests can be merged:

Pipelines must succeed
Pipelines need to be configured to enable this feature.

All discussions must be resolved

Merge request approvals

~~Can override approvers and approvals required per merge request~~ Disabled on 2019-11-11
Remove all approvals in a merge request when new commits are pushed to its source branch
Prevent approval of merge requests by merge request author
Prevent approval of merge requests by merge request committers

Approval rules

"Quality Assurance", the group @testers, 0 approvals required (optional), see https://wiki.archlinux.org/index.php/Arch_Testing_Team
"Code Review", the group @chakra/packages, 1 approval required.
CODEOWNERs, which is set in Protected Branches, required.

Default Branch

master

Push Rules

Committer restriction
Users can only push commits to this repository that were committed with one of their own verified emails.

Do not allow users to remove git tags with git push
Tags can still be deleted through the web UI.

Check whether author is a GitLab user
Restrict commits by author (email) to existing GitLab users

Prevent committing secrets to Git
GitLab will reject any files that are likely to contain secrets. The list of file names we reject is available in the documentation.

Protected Branches

master, maintainers are allowed to merge, no-one is allowed to push, require approval from code owners.

Protected Tags

*, no-one is allowed to create.

@all, I suggest the following settings to be applied on ~~2019-11-10~~ 2019-11-11.

# Merge Requests

## Merge method

**Fast-forward merge**  
No merge commits are created  
Fast-forward merges only  
When conflicts arise the user is given the option to rebase

## Merge options

**Merge pipelines will try to validate the post-merge result prior to merging**  
Pipelines need to be configured to enable this feature.

**Automatically resolve merge request diff discussions when they become outdated**

**Show link to create/view merge request when pushing from the command line**

## Merge checks

These checks must pass before merge requests can be merged:

**Pipelines must succeed**  
Pipelines need to be configured to enable this feature.

**All discussions must be resolved**

# Merge request approvals

* ~~Can override approvers and approvals required per merge request~~ Disabled on 2019-11-11
* Remove all approvals in a merge request when new commits are pushed to its source branch  
* Prevent approval of merge requests by merge request author  
* Prevent approval of merge requests by merge request committers

## Approval rules

- "Quality Assurance", the group `@testers`, 0 approvals required (optional), see https://wiki.archlinux.org/index.php/Arch_Testing_Team  
- "Code Review", the group `@chakra/packages`, 1 approval required.  
- `CODEOWNER`s, which is set in [Protected Branches](https://code.chakralinux.org/chakra/melange/issues/133#protected-branches), required.

# Default Branch

`master`

# Push Rules

**Committer restriction**  
Users can only push commits to this repository that were committed with one of their own verified emails.

**Do not allow users to remove git tags with `git push`**  
Tags can still be deleted through the web UI.

**Check whether author is a GitLab user**  
Restrict commits by author (email) to existing GitLab users

**Prevent committing secrets to Git**  
GitLab will reject any files that are likely to contain secrets. The list of file names we reject is available in the documentation.

# Protected Branches

`master`, maintainers are allowed to merge, no-one is allowed to push, require approval from code owners.

# Protected Tags

`*`, no-one is allowed to create.

Edited Nov 11, 2019 by totte

Discussion
Designs