Define CODEOWNERS outside of project repository

Problem to solve

The addition of defining CODEOWNERS for a project allows us to dynamically set merge request approvers based on file changes. The definition of what files belong to which users/groups currently must be checked-in to the project repository for it to take affect.

My team manages over 100 separate projects which means a new branch, a commit, and a merge request for all 100 projects if we think a new rule is required. Distributed changes like this, in my experience, get pushed down the priority list for being very manual and time-consuming. Essentially they never get done, making this feature very ineffective and possibly risky.

Intended users

Developers, GitLab administrators, compliance process owners

Further details

Proposal

Define a CODEOWNERS file URL setting per project or group so that only a single file change is required to update multiple projects.

Permissions and Security

Standard permissions and security for project/group level settings would apply.

Documentation

n/a

Testing

This setting may conflict with existing CODEOWNERS file in a repository and a decision must be made on which takes precedence.

What does success look like, and how can we measure that?

A single CODEOWNERS file change could affect the code owner status of many (100s, 1000s?) projects simultaneously.

Links / references