Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours scrolling social media and waste money on things we forget, but won’t spend 30 minutes a day earning certifications that can change our lives.
Master in DevOps, SRE, DevSecOps & MLOps by DevOpsSchool!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Uncategorised

GitLab CODEOWNERS file – enforce code reviews, approvals, and accountability

May 28, 2025 Leave a Comment

The CODEOWNERS file in GitLab is a special file that lets you define who is responsible (owner) for specific files, directories, or patterns in your repository. It’s a powerful feature to enforce code reviews, approvals, and accountability—especially for sensitive or critical parts of your codebase.

✅ What Does the CODEOWNERS File Do?

When a file or directory covered by a CODEOWNERS rule is modified in a merge request:

  1. GitLab automatically requests approval from the listed owners.
  2. If you enforce approval rules, the MR cannot be merged without their review (when configured).

📄 Syntax of CODEOWNERS

Each line defines a path pattern followed by one or more GitLab usernames or groups.

# Syntax: <file pattern> <usernames or groups>
/README.md         @john
/docs/             @tech-writers
/secrets/*         @security-team @admin
*.yml              @devops
Code language: PHP (php)

📁 Where to Place CODEOWNERS

GitLab looks for the file in one of these locations (in order of priority):

  1. .gitlab/CODEOWNERS
  2. docs/CODEOWNERS
  3. CODEOWNERS (root)

👉 Best practice: place it in .gitlab/CODEOWNERS.

🔐 How CODEOWNERS Works with Approval Rules

To enforce the rules:

  1. Go to Project → Settings → General → Merge request approvals
  2. Enable: “Require approval from Code Owners”
  3. GitLab will now enforce at least one approval from any listed owner if their path is touched.

🧠 Example Use Case

# Enforce ownership on critical configs
/config/production.yml @devops-lead

# Only security team can approve secrets file
/secrets/* @security-team
Code language: PHP (php)

When someone opens an MR touching /config/production.yml, GitLab:

  • Requests approval from @devops-lead
  • Blocks merging if approval is required and not yet given

🔍 Pro Tips

  • You can use groups like @my-org/security as owners.
  • Owners must have at least Developer access to the repo.
  • Use together with merge request approval rules for full control.

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x