Merge branch 'ali/deployment-approvals-mvc-3' into 'master'

Add required_approval_count to Protected Environments API

See merge request gitlab-org/gitlab!76165

doc/api/group_protected_environments.md

@@ -48,12 +48,13 @@ Example response:
       "name":"production",
       "deploy_access_levels":[
          {
-            "access_level":40,
-            "access_level_description":"Maintainers",
-            "user_id":null,
-            "group_id":null
+            "access_level": 40,
+            "access_level_description": "Maintainers",
+            "user_id": null,
+            "group_id": null
          }
-      ]
+      ],
+     "required_approval_count": 0
    }
 ]
 ```
@@ -87,7 +88,8 @@ Example response:
          "user_id":null,
          "group_id":null
       }
-   ]
+   ],
+   "required_approval_count": 0
 }
 ```
 
@@ -104,6 +106,7 @@ POST /groups/:id/protected_environments
 | `id`      | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. |
 | `name`    | string | yes    | The deployment tier of the protected environment. One of `production`, `staging`, `testing`, `development`, or `other`. Read more about [deployment tiers](../ci/environments/index.md#deployment-tier-of-environments).|
 | `deploy_access_levels`          | array          | yes | Array of access levels allowed to deploy, with each described by a hash. One of `user_id`, `group_id` or `access_level`. They take the form of `{user_id: integer}`, `{group_id: integer}` or `{access_level: integer}` respectively. |
+| `required_approval_count` | integer        | no       | The number of approvals required to deploy to this environment. This is part of Deployment Approvals, which isn't yet available for use. For details, see [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/343864). |
 
 The assignable `user_id` are the users who belong to the given group with the Maintainer role (or above).
 The assignable `group_id` are the sub-groups under the given group.
@@ -119,12 +122,13 @@ Example response:
    "name":"production",
    "deploy_access_levels":[
       {
-         "access_level":40,
-         "access_level_description":"protected-access-group",
-         "user_id":null,
-         "group_id":9899826
+         "access_level": 40,
+         "access_level_description": "protected-access-group",
+         "user_id": null,
+         "group_id": 9899826
       }
-   ]
+   ],
+  "required_approval_count": 0
 }
 ```
 

doc/api/protected_environments.md

@@ -49,7 +49,8 @@ Example response:
             "user_id":null,
             "group_id":null
          }
-      ]
+      ],
+     "required_approval_count": 0
    }
 ]
 ```
@@ -78,12 +79,13 @@ Example response:
    "name":"production",
    "deploy_access_levels":[
       {
-         "access_level":40,
-         "access_level_description":"Maintainers",
-         "user_id":null,
-         "group_id":null
+         "access_level": 40,
+         "access_level_description": "Maintainers",
+         "user_id": null,
+         "group_id": null
       }
-   ]
+   ],
+  "required_approval_count": 0
 }
 ```
 
@@ -107,6 +109,7 @@ curl --header 'Content-Type: application/json' --request POST \
 | `id`                            | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
 | `name`                          | string         | yes | The name of the environment. |
 | `deploy_access_levels`          | array          | yes | Array of access levels allowed to deploy, with each described by a hash. |
+| `required_approval_count` | integer        | no       | The number of approvals required to deploy to this environment. This is part of Deployment Approvals, which isn't yet available for use. For details, see [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/343864). |
 
 Elements in the `deploy_access_levels` array should be one of `user_id`, `group_id` or
 `access_level`, and take the form `{user_id: integer}`, `{group_id: integer}` or
@@ -125,7 +128,8 @@ Example response:
          "user_id": null,
          "group_id": 9899826
       }
-   ]
+   ],
+  "required_approval_count": 0
 }
 ```
 

ee/lib/api/protected_environments.rb

@@ -51,6 +51,7 @@ module API
       end
       params do
         requires :name, type: String, desc: 'The name of the protected environment'
+        optional :required_approval_count, type: Integer, desc: 'The number of approvals required to deploy to this environment', default: 0
 
         requires :deploy_access_levels, type: Array, desc: 'An array of users/groups allowed to deploy environment' do
           optional :access_level, type: Integer, values: ::ProtectedEnvironment::DeployAccessLevel::ALLOWED_ACCESS_LEVELS
@@ -137,6 +138,7 @@ module API
       end
       params do
         requires :name, type: String, desc: 'The tier name of the protected environment'
+        optional :required_approval_count, type: Integer, desc: 'The number of approvals required to deploy to this environment', default: 0
 
         requires :deploy_access_levels, as: :deploy_access_levels_attributes, type: Array, desc: 'An array of users/groups allowed to deploy environment' do
           optional :access_level, type: Integer, values: ::ProtectedEnvironment::DeployAccessLevel::ALLOWED_ACCESS_LEVELS

ee/lib/ee/api/entities/protected_environment.rb

@@ -6,6 +6,7 @@ module EE
       class ProtectedEnvironment < Grape::Entity
         expose :name
         expose :deploy_access_levels, using: ::API::Entities::ProtectedRefAccess
+        expose :required_approval_count
       end
     end
   end

ee/spec/fixtures/api/schemas/public_api/v4/protected_environment.json

@@ -6,7 +6,8 @@
   ],
   "properties": {
     "name": { "type": "string" },
-    "deploy_access_levels": { "type": "array", "items": { "$ref": "protected_ref_access.json" } }
+    "deploy_access_levels": { "type": "array", "items": { "$ref": "protected_ref_access.json" } },
+    "required_approval_count": { "type":  "integer" }
   },
   "additionalProperties": false
 }

ee/spec/requests/api/protected_environments_spec.rb

@@ -12,8 +12,8 @@ RSpec.describe API::ProtectedEnvironments do
   let(:protected_environment_name) { 'production' }
 
   before do
-    create(:protected_environment, :maintainers_can_deploy, :project_level, project: project, name: protected_environment_name)
-    create(:protected_environment, :maintainers_can_deploy, :group_level, group: group, name: protected_environment_name)
+    create(:protected_environment, :maintainers_can_deploy, :project_level, project: project, name: protected_environment_name, required_approval_count: 1)
+    create(:protected_environment, :maintainers_can_deploy, :group_level, group: group, name: protected_environment_name, required_approval_count: 2)
   end
 
   shared_examples 'requests for non-maintainers' do
@@ -64,6 +64,7 @@ RSpec.describe API::ProtectedEnvironments do
         expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
         expect(json_response['name']).to eq(protected_environment_name)
         expect(json_response['deploy_access_levels'][0]['access_level']).to eq(::Gitlab::Access::MAINTAINER)
+        expect(json_response['required_approval_count']).to eq(1)
       end
 
       context 'when protected environment does not exist' do
@@ -90,12 +91,13 @@ RSpec.describe API::ProtectedEnvironments do
         deployer = create(:user)
         project.add_developer(deployer)
 
-        post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }] }
+        post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }], required_approval_count: 3 }
 
         expect(response).to have_gitlab_http_status(:created)
         expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
         expect(json_response['name']).to eq('staging')
         expect(json_response['deploy_access_levels'].first['user_id']).to eq(deployer.id)
+        expect(json_response['required_approval_count']).to eq(3)
       end
 
       it 'protects the environment with group allowed to deploy' do
@@ -207,6 +209,7 @@ RSpec.describe API::ProtectedEnvironments do
         expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
         expect(json_response['name']).to eq(protected_environment_name)
         expect(json_response['deploy_access_levels'][0]['access_level']).to eq(::Gitlab::Access::MAINTAINER)
+        expect(json_response['required_approval_count']).to eq(2)
       end
 
       context 'when protected environment does not exist' do
@@ -233,12 +236,13 @@ RSpec.describe API::ProtectedEnvironments do
         deployer = create(:user)
         group.add_maintainer(deployer)
 
-        post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }] }
+        post api_url, params: { name: 'staging', deploy_access_levels: [{ user_id: deployer.id }], required_approval_count: 3 }
 
         expect(response).to have_gitlab_http_status(:created)
         expect(response).to match_response_schema('public_api/v4/protected_environment', dir: 'ee')
         expect(json_response['name']).to eq('staging')
         expect(json_response['deploy_access_levels'].first['user_id']).to eq(deployer.id)
+        expect(json_response['required_approval_count']).to eq(3)
       end
 
       it 'protects the environment with group allowed to deploy' do