Merge requests should require at least 2 approvals
Description
This policy checks if merge requests in GitLab require at least 2 approvals before they can be merged. Requiring multiple approvals for merge requests is important because it ensures that code changes are reviewed by multiple people, reducing the risk of introducing vulnerabilities or bugs into the codebase. This practice improves the overall quality and security of the code. By enforcing this rule, organizations can prevent single points of failure and reduce the risk of malicious code being merged into their repositories.
Code Example
json
{"approvals_before_merge": 2}Remediation
Ensure that the 'approvals_before_merge' setting is configured to require at least 2 approvals for merge requests.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1065 |
| Severity | MEDIUM |
| IaC Type | gitlab_configuration |
| Frameworks | * |
| Checkov ID | CKV_GITLAB_1 |