Product Review: Enabled by Default

The PM Leadership team has had recent discussions with Sid about defaulting to on. The purpose of this issue is for each PM to review their product categories and list items not enabled by default that could be changed to enabled by default..

We want each of the PMs to then pick the right ones and start enabling them by default in the upcoming releases.

Why?

As we focus our attention on monetization and adoption using discovery, usability, and depth, one thing that can make a meaningful impact is having features turned on by default.

We know that adoption curves are significantly higher if features are turned on by default. This also helps us gather great feedback and help us adjust the course of our roadmap. This issue came up a few times of the last few meetings in the PM Scale meeting and I wanted to make sure that we are not building a lot of debt around features that should be on by default but aren't (for whatever historical reasons).

Picking the right defaults is hard --but getting it right has a huge payoff for our users. It keeps the product simple, reduces the number of nerd-knob combinations that the user has to deal with, and reduces time-to-value.

PMs, please check the box when you have completed adding your items to the table.

Enablement section

Feature	Why is it not on by default today?	On by default issue	Section:Stage:Category	PM
Advanced Search	Requires Elasticsearch integration on a different cluster then GitLab is installed. Also increases Storage needs by 50% for the Search Index	#1716	Enablement:Global Search	@JohnMcGuire
Native Object storage replication	Only a subset of users require this feature and most users can rely on object storage replication provided by e.g. AWS, Azure etc.	N/A	Enablement:Geo	@fzimmer
Docker Registry replication	Requires specific configuration before enabling is possible.	gitlab-org/gitlab#280855 (closed)	Enablement:Geo	@fzimmer
Location aware URL	Requires configuration that is user dependent and can't be guessed.	N/A	Enablement:Geo	@fzimmer
Selective Sync	Can be configured when needed but not relevant to all users.	N/A	Enablement:Geo	@fzimmer
Geo for Geo replication on GitLab.com	Compliance - GitLab.com located in the US and inability to select data for replication on a granular level. MVC could be small deployment on the west coast	gitlab-org&3171	Enablement:Geo	@fzimmer
Geo for DR on GitLab.com	Considered before but cost plus unclear business requirements were blockers. Working Group is evaluating Geo now	gitlab-org&575 (closed)	Enablement:Geo	@fzimmer
Pages for Omnibus	Requires separate DNS entry	gitlab-org/omnibus-gitlab#3342	Enablement:Distribution	@joshlambert
Pages for Charts	Currently requires NFS	gitlab-org/charts/gitlab#37 (moved)	Enablement:Distribution	@joshlambert
Runner for Omnibus	Potential risk (UX, security) to run on same instance as Server	gitlab-org/omnibus-gitlab#2401	Enablement:Distribution	@joshlambert

• @fzimmer - Principal PM, Geo
• @JohnMcGuire - Sr. PM, Global Search
• @awthomas - Principal PM, Infrastructure
• @joshlambert - Distribution

Dev Section

Feature	Why is it not on by default today?	On by default issue	Section:Stage:Category	PM
VSA horizontal flow	To avoid confusion with the legacy navigation still in place	gitlab-org/gitlab#281598 (closed)	Dev:Manage:Optimize	@ljlane
Export audit events as CSV	Ongoing performance issues. Exploring an improvement that could change this to default on	TBD	Dev:Manage:Compliance	@mattgonzales
Revoke user PATs in Credential Inventory	It as previously off by default while we navigated the privacy and permissions control over PATs for users in SaaS groups	gitlab-org/gitlab#267184 (closed)	Dev:Manage:Compliance	@mattgonzales
Project events in group audit log	Database performance issues that are ongoing	TBD	Dev:Manage:Compliance	@mattgonzales
User group counts	There are database performance issues to resolve, detailed here	TBD	Dev:Manage:Compliance	@mattgonzales
Live Preview	Requires hosting and running the feature on a different domain and self-managed instances may not want to communicate with 3rd party domains	gitlab-org/gitlab#205365 (closed)	Dev:Create:Editor	@ericschurter
Phabricator Importer	This importer is incomplete and was put behind a feature flag and defaulted to OFF in order to gain feedback before releasing it for everyone.	gitlab-org/gitlab#281610 (closed)	Dev:Manage:Import	@hdelalic
Misc. import	There are several feature flags associated with the group::import which will require some research to decide if they should be enabled by default. An issue was created to track that research.	gitlab-org/gitlab#282245 (closed)	Dev:Manage:Import	@hdelalic

• @jramsay - Group Manager, Create
• @danielgruesso - PM, Create:Source Code
• @phikai - Sr. PM, Create:Code Review
• @jeremy - Group Manager, Manage
• @mattgonzales - Sr. PM, Manage:Compliance
• @hdelalic - Sr. PM, Manage:Import
• @mushakov - Sr. PM, Manage:Access
• @ljlane - Sr. PM, Manage:Optimize
• @ericschurter - Sr. PM, Create:Editor
• @gweaver - Sr. PM, Plan:Project Management
• @cdybenko - Sr. PM, Plan:Product Planning
• @mjwood - Sr. PM, Plan:Certify
• @mjwood - Sr. PM, Create:Gitaly
• @deuley - Sr. PM, Ecosystem

Sec Section

Feature	Why is it not on by default today?	On by default issue	Section:Stage:Category	PM

• @stkerr - Pricipal PM, Secure:Fuzz Testing
• @NicoleSchwartz - PM, Secure:Composition Analysis
• @tmccaslin - Sr. PM, Secure:Static Analysis, no feature flags used for things that are not actively in development.
• @derekferguson - Sr. PM, Secure:Dynamic Analysis
• @sam.white - Sr. PM, Protect
• @matt_wilson - Sr. PM, Secure

Ops Section

Feature	Why is it not on by default today?	On by default issue	Section:Stage:Category	PM
Pages Access Control	The feature must be set by admin, since default behavior is to match the repository setting	No issue needed.	groupprogressive delivery	@ogolowinski
Vault Integration	Requires a Vault Instance to work.	Bundling Vault was not something users wanted since many of them already have a Vault.	groupconfigure	@nagyv-gitlab
Auto rollback in case of failure	This action can be harmfull as it over-rides the current deployment and currently happens for any critical alert. Some users prefer to manually rollback and not automatically. A setting was added to enable/disable this activity	No issue created	devopsrelease Continuous Delivery	@ogolowinski
Optional cache on failure	The default behavior is cache on success	gitlab-org/gitlab#270580	grouppipeline authoring	@dhershkovitch
GitLab Kubernetes Agent	It was not considered stable enough. We plan enabling it by default once it's ready for gitlab.com.	gitlab-org/gitlab#273372 (closed)	groupconfigure	@nagyv-gitlab
metrics_dashboard_exhaustive_validations	Hidden behind feature flag due to regression, now the team is disbanded	#1736 (closed)	~"group::monitor"	@sarahwaldner
settings_operations_prometheus_service	Behind feature flag, because it is part of a larger move	gitlab-org/gitlab#24651 (closed) #1736 (closed)	~"group::monitor"	@sarahwaldner
prometheus_computed_alerts	Unsure	#1736 (closed)	~"group::monitor"	@sarahwaldner
Go Proxy	This Community Contribution is still behind a feature flag due to concerns about scalability. The Contribution is still in progress.	gitlab-org/gitlab#220628 (closed), gitlab-org/gitlab#218083 (closed), gitlab-org/gitlab#220626 (closed), gitlab-org/gitlab#224021 (closed)	~"group::package"	@trizzi
Dependency Proxy	The feature is available by default for public projects, but not private projects. The linked issue is in progress and will be done in 13.7. (sooner for GitLab.com)	gitlab-org/gitlab#11582 (closed)	~"group::package"	@trizzi

• @jheimbuck_gl - Sr. PM, Verify:Testing
• @thaoyeager - Sr. PM, Verify:CI
• @dhershkovitch - Sr. PM, Pipeline Authoring
• @trizzi - Sr. PM, Package
• @DarrenEastman - Sr. PM, Verify:Runner
• @ogolowinski - Sr. PM, Release:Progressive Delivery
• @jreporter - Sr. PM, Release:Release Management
• @kbychu - Group Manager, Configure and Monitor
• @nagyv-gitlab - Sr. PM, Configure
• @sarahwaldner - Sr. PM, Monitor:Health