Code Owners | GitLab Docs (original) (raw)
- Tier: Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Use the Code Owners feature to define who has expertise for specific parts of your project’s codebase. Define the owners of files and directories in a repository to:
- Require owners to approve changes. Combine protected branches with Code Owners to require experts to approve merge requests before they merge into a protected branch. For more information, see Code Owners and protected branches.
- Identify owners. Code Owner names are displayed on the files and directories they own:
Code Owners and approval rules
Combine Code Owners with merge requestapproval rules (either optional or required) to build a flexible approval workflow:
- Use Code Owners to ensure quality. Define the users who have domain expertise for specific paths in your repository.
- Use approval rules to define areas of expertise that don’t correspond to specific file paths in your repository. Approval rules help guide merge request creators to the correct set of reviewers, such as frontend developers or a security team.
For example:
| Type | Name | Scope | Comment |
|---|---|---|---|
| Approval rule | UX | All files | A user experience (UX) team member reviews the user experience of all changes made in your project. |
| Approval rule | Security | All files | A security team member reviews all changes for vulnerabilities. |
| Code Owner approval rule | Frontend: Code Style | *.css files | A frontend engineer reviews CSS file changes for adherence to project style standards. |
| Code Owner approval rule | Backend: Code Review | *.rb files | A backend engineer reviews the logic and code style of Ruby files. |
Code Owners and protected branches
To ensure merge request changes are reviewed and approved by Code Owners, specified in theCODEOWNERS file, the merge request’s target branch must beprotectedand Code Owner approval must be enabled.
The following features are available when you enable Code Owner approvals on protected branches:
- Require approvals from Code Owners.
- Require multiple approvals from Code Owners.
- Optional approvals from Code Owners.
Practical example
Your project contains sensitive and important information in a config/ directory. You can:
- Assign ownership of the directory. To do this, set up a
CODEOWNERSfile. - Create a protected branch for your default branch. For example,
main. - Enable Required approval from code owners on the protected branch.
- Optional. Edit the
CODEOWNERSfile to add a rule for multiple approvals.
With this configuration, merge requests that change files in the config/directory and target the main branch require approval from the designated Code Owners before merging.
View Code Owners of a file or directory
To view the Code Owners of a file or directory:
- On the left sidebar, select Search or go to and find your project.
- Select Code > Repository.
- Go to the file or directory you want to see the Code Owners for.
- Optional. Select a branch or tag.
GitLab shows the Code Owners at the top of the page.
Set up Code Owners
Prerequisites:
- You must have permissions to push to the default branch or to create a merge request.
- Create a
CODEOWNERSfile in your preferred location. - Define some rules in the file following the CODEOWNERS syntax. Some suggestions:
- Configure All eligible approvers approval rule.
- Require Code Owner approval on a protected branch.
- Commit your changes, and push them up to GitLab.
CODEOWNERS file
The CODEOWNERS file defines who is responsible for code in a GitLab project. Its purpose is to:
- Define Code Owners for specific files and directories.
- Enforce approval requirements for protected branches.
- Communicate code ownership in a project.
This file determines who should review and approve changes and ensures the right experts are involved in code changes.
Each repository uses a single CODEOWNERS file. GitLab checks these locations in your repository in this order. The first CODEOWNERS file found is used, and all others are ignored:
- In the root directory:
./CODEOWNERS. - In the
docsdirectory:./docs/CODEOWNERS. - In the
.gitlabdirectory:./.gitlab/CODEOWNERS.
For more information, see CODEOWNERS syntax and Advanced CODEOWNERS configuration.
Allowed to push
Users who are Allowed to push can choose to create a merge request for their changes, or push the changes directly to a branch. If the user skips the merge request process, the protected branch features and Code Owner approvals built into merge requests are also skipped.
This permission is often granted to accounts associated with automation (internal users) and release tooling.
All changes from users without the Allowed to push permission must be routed through a merge request.