Use Case - Workzone
Flexible Merge Logic with Advanced Approval Conditions
Design intelligent, risk-based merge policies using boolean rules, quotas, and file-aware checks — built for complex teams and compliance-heavy workflows.
Use Case
Flexible Merge Logic with Advanced Approval Conditions
In large enterprises—especially those with multi-team code ownership, compliance mandates, and sophisticated SDLC workflows—standard approval requirements are often too rigid or too simplistic. Real-world merge requirements might vary by risk level, business unit, regulatory zone, or code path.
Workzone’s Simple and Advanced Merge Conditions allow you to define precise and adaptable merge criteria using logical expressions, giving enterprises the flexibility they need to automate merges safely and intelligently.
Simple Conditions (Out-of-the-Box Enforcement):
- % of reviewers who must approve (e.g. approvalQuota ≥ 75%)
- Group-level quotas (e.g. groupQuota = 2)
- Minimum number of mandatory reviewers (e.g. mandatoryApprovalCount = 1)
- Required digital signatures (e.g. requiredSignaturesCount = 2)
- Required builds (e.g. requiredBuildsCount = 1)
These criteria are AND-combined to form a strict baseline—ensuring that only pull requests meeting all specified conditions can be merged.
Advanced Conditions (Boolean Expressions):
However, some workflows require more nuance. With Workzone’s advanced mode, admins can write boolean expressions using merge condition variables:
requiredBuildsCount > 1 & ( approvalQuota >= 50% | groupQuota >= 2 ) & requiredSignaturesCount > 2
This rule might reflect a company policy that allows a release to merge if:
- At least two successful builds are present,
- Either 50% of individual reviewers approved or at least two team members per reviewer group,
- And at least three reviewers signed using digital signatures.
File/Path-Aware Merge Checks:
On top of this, file/path-based reviewer rule approval quotas can be enforced as additional merge checks. For example, a PR that touches src/payment/** may require separate approval of at least 2 members from the PCI compliance team, regardless of other conditions.
Enterprise Benefits:
- Custom-fit merge logic for real-world org structures — from monorepos with shared ownership to regulated projects requiring multiple layers of sign-off.
- Reduces risk of accidental or unauthorized merges by ensuring all relevant gates are passed before code enters protected branches.
- Boosts developer velocity while maintaining compliance, since trusted PRs with satisfied conditions merge automatically—without bottlenecks or manual intervention.
- Supports CFR, ISO, SOC 2, SOX, PCI workflows — Workzone logic adapts to any internal control framework.
- Eliminates edge-case gaps not covered by Bitbucket’s built-in merge checks, which lack conditional logic and multi-dimensional merge rules.
Bitbucket’s limited repository-wide merge-checks do not enable teams to specify separate merge policies and rules for different branches. With Workzone, merge rules merge-checks and policies can be tailored to the purpose of various protected branches like main, release/** etc
Use Cases
Explore More Use Cases...
Learn how enterprise teams streamline workflows, boost compliance, and drive productivity with Izymes apps
