the PR author can run approve_policies.

[lee2sh]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

---

• I'd be willing to implement this feature (contributing guide)

Describe the user story
I've noticed that the author of the PR can approve the policies if they are listed as a team member/user of the approver. Does it make sense to be able to control this? There are some sensitive repos where we don't want to allow this.

Describe the solution you'd like
#4794 --> The solution is to have a flag allowing self-approval and defaulting to false.

Describe the drawbacks of your solution
One drawback of this solution is that now, it will default to false which means that the author would not have the ability to approve the pr without selfApprove being explicitly set to true.

[dimisjim]

@lee2sh you can already prevent the author from approving policies via this flag: prevent_self_approve

See https://www.runatlantis.io/docs/policy-checking.html#step-2-define-the-policy-configuration