Credits to Github Giphy
Gitlab Auto Approve is a Gitlab bot for automatically approving merge requests. It's built based on FastAPI.
This bot is still in development. Version v0.1.0 will be out soon
This bot currently only supports automatic approval and disapproval of merge requests upon receiving configureable user comments within the gitlab merge request. If you are missing further features please open a new issue.
Due to limitations in the Gitlab API approval commands can only be used with a Premium or Ultimate Tier instance. This bot was primarily tested for Gitlab version v16.7.0. If you encounter issues with a different Gitlab version please open a new issue.
To setup a new instance of this bot you can either clone the repository and run the application on your own using the instructions below or use a prebuilt docker image that can be found here.
If you want to use the prebuilt docker image from Docker Hub, please follow the steps below.
- Pull the image from docker hub with
docker pull niklasstoffers/gitlab-auto-approve:latest - Configure the bot via environment variables as described here
- Run the image with
docker
If you don't want to use the prebuilt docker image from Docker Hub, but instead want to build the image yourself, please follow the steps below.
- Clone the repository
- Make sure that you have
dockeranddocker-composeinstalled. If you want to use the Makefile thats shipped with this repository please also make sure that you have installedmake. - Configure the bot via environment variables as described here
- Build and run the image
- Using
make:make build make run
- Without
make:docker-compose --env-file .env.docker build docker-compose --env-file .env.docker up
- Using
You can also setup a new instance without using Docker. To do this you will need to have Python3 installed on your machine.
- Clone the repository
- Configure the bot via the autoapprove/config.yaml file as described here
- Run the following commands in your terminal
cd autoapprove python3 -m venv .venv source .venv/bin/activate pip install -r requirements.txt python main.py
To integrate this bot with your gitlab repository you will need Maintainer access to your project.
- Head over to the projects Access Token settings and create a new access token with the api scope and necessary role to be able to approve the merge request. This role will depend on your project settings.
You can use the following configuration options to configure the bot to your specific needs. The bot accepts both configuration via the autoapprove/config.yaml file as well as environment variables. Environment variable configuration will override configuration in the autoapprove/config.yaml file.
| Option | Environment variable | Description |
|---|---|---|
gitlab |
- | Section for Gitlab specific configuration |
gitlab.host |
GITLAB__HOST |
Configures the server url of the gitlab server |
gitlab.access_token |
GITLAB__ACCESS_TOKEN |
Access token that needs to be setup for your gitlab repository. This is used in order to make calls to the Gitlab API |
gitlab.webhook_token |
GITLAB__WEBHOOK_TOKEN |
Webhook token that was specified when creating the comment trigger webhook |
trusted_hosts_only |
TRUSTED_HOSTS_ONLY |
If enabled will block HTTP requests that do not contain your gitlab_host in the HTTP Host header |
environment |
ENVIRONMENT |
Sets the environment the bot will run under. Supports either DEVELOPMENT or PRODUCTION. Under the DEVELOPMENT environment certain features like the Open-API documentation will be available. |
ssl |
- | Section for SSL specific configuration options |
ssl.enable |
SSL__ENABLE |
Enables HTTPS. You will need additional configuration for your SSL certificates. See HTTPS |
ssl.key_file |
SSL__KEY_FILE |
Path to your SSL private key file |
ssl.cert_file |
SSL__CERT_FILE |
Path to your SSL certificate file |
commands |
- | Section for command specific configuration |
commands.<type> |
- | Section for command type specific configuration. This configuration options are available to all commands. |
commands.<type>.keyword |
COMMANDS__<TYPE>__KEYWORD |
Keyword that the bot will scan the user comment for. |
commands.<type>.ignore_case |
COMMANDS__<TYPE>__IGNORE_CASE |
If set to true the bot won't treate keywords case-sensitive. |
commands.<type>.strict_match |
COMMANDS__<TYPE>__STRICT_MATCH |
If set to true the bot will only invoke the command when the user comment only contains the keyword. If set to false the keyword only needs to be present within the entire comment. |
commands.<type>.only_for_members |
COMMANDS__<TYPE>__ONLY_FOR_MEMBERS |
Comma-separated list of Gitlab usernames. If specified the bot will only invoke the command if the comment author is in the username list. |
commands.<type>.requires_role |
COMMANDS__<TYPE>__REQUIRES_ROLE |
Required role for the command. If specified the bot will only invoke the command if the comment author has the specified role. Can be set to NO_ACCESS, MINIMAL_ACCESS, GUEST, REPORTER, DEVELOPER, MAINTAINER or OWNER. |
commands.<type>.message |
COMMANDS__<TYPE>__MESSAGE |
Comment response that the bot will create after invoking the command. If left empty the bot won't send a message at all. |
commands.approval |
- | Section for configuration options regarding the approval of merge requests. |
commands.disapproval |
- | Section for configuration options regarding the disapproval of merge requests. |
commands.merge |
- | Section for configuration options regarding merge of merge requests. |
uvicorn.reload |
UVICORN__RELOAD |
If set to true uvicorn will reload the server upon file change. This should be set to false in production environments but is a useful setting for development. |
logging |
- | Section for configuration options regarding logging |
logging.enable |
LOGGING__ENABLE |
Enables logging within the application. Note that the bot also comes with startup logging which already logs before configuration is loaded. If you want to disable startup logging invoke the application with the --disable-startup-logs command line option. |
logging.level |
LOGGING__LEVEL |
Sets the log level to be used. Can be set to DEBUG, INFO, WARNING, ERROR or CRITICAL. |
logging.handlers |
- | Section for configuration options regarding logging handlers. |
logging.handlers.console |
- | Section for configuration options regarding console logging handler. |
logging.handlers.console.enable |
LOGGING__HANDLERS__CONSOLE__ENABLE |
If set to true the application will log to the console. |
logging.handlers.file |
- | Section for configuration options regarding file logging handler. |
logging.handlers.file.enable |
LOGGING__HANDLERS__FILE__ENABLE |
If set to true the application will log to a file. |
logging.handlers.file.logfile |
LOGGING__HANDLERS__FILE__LOGFILE |
Path to the logfile. Must be set if file logging is enabled. |
To use HTTPS with the bot you will need to enable SSL via the configuration options. Furthermore you will also need to supply the SSL certificate and private key to the bot. If you're running the bot with docker, we recommend mounting a volume into the container that contains your SSL certificate and specifying the path accordingly. If you run the bot without docker you can just specify a path on your local filesystem.
Warning
We strongly recommend enabling HTTPS as traffic will be unencrypted and publicly visible otherwise. This traffic will include confidential information such as usernames, project names, project/group access tokens and more!
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "mergify[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent