chore: Mergify rule requiring two (or more) approvals on certain PRs (a…

…ws#9599) * chore: Mergify rule requiring two (or more) approvals on certain PRs For security-related or other broadly-impacting PRs, having multiple reviewers can be beneficial. Today, PRs can be manually tagged with 'pr/do-not-merge' and untagged after an artibrary point. An explicit label ('pr/requires-two-approvers`) makes this more explicit and allows for up-front tagging by the PR author.
Vboivin · Aug 11, 2020 · 979558e · 979558e
1 parent d651948
commit 979558e
Showing 1 changed file with 27 additions and 2 deletions.
diff --git a/.mergify.yml b/.mergify.yml
@@ -21,7 +21,7 @@ pull_request_rules:
     conditions:
       - base!=release
       - -title~=(WIP|wip)
-      - -label~=(blocked|do-not-merge|no-squash)
+      - -label~=(blocked|do-not-merge|no-squash|two-approvers)
       - -merged
       - -closed
       - author!=dependabot[bot]
@@ -32,7 +32,32 @@ pull_request_rules:
       - status-success~=AWS CodeBuild us-east-1
       #- status-success=Semantic Pull Request
       - status-success=mandatory-changes
-  - name: automatic merge
+  - name: automatic merge (2+ approvers)
+    actions:
+      comment:
+        message: Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to [allow changes to be pushed to your fork](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/allowing-changes-to-a-pull-request-branch-created-from-a-fork)).
+      merge:
+        strict: smart
+        method: squash
+        strict_method: merge
+        commit_message: title+body
+      delete_head_branch: {}
+    conditions:
+      - base!=release
+      - -title~=(WIP|wip)
+      - label~=two-approvers
+      - -label~=(blocked|do-not-merge|no-squash)
+      - -merged
+      - -closed
+      - author!=dependabot[bot]
+      - author!=dependabot-preview[bot]
+      - "#approved-reviews-by>=2"
+      - -approved-reviews-by~=author
+      - "#changes-requested-reviews-by=0"
+      - status-success~=AWS CodeBuild us-east-1
+      #- status-success=Semantic Pull Request
+      - status-success=mandatory-changes
+  - name: automatic merge (no-squash)
     actions:
       comment:
         message: Thank you for contributing! Your pull request will be updated from master and then merged automatically without squashing (do not update manually, and be sure to [allow changes to be pushed to your fork](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/allowing-changes-to-a-pull-request-branch-created-from-a-fork)).