Allow for use of more than one compliance pipeline configuration

Problem to solve

As we work towards improving the concept of required pipeline configuration, one of the biggest challenges is the lack of flexibility in using these compliance pipeline configurations. Currently, only a single template can be used to enforce required CI jobs on all projects in a namespace. There is no way to allow for the use of multiple templates to enable customers to dynamically apply configurations based on criteria such as compliance framework labels or the type of runtime environment.

Intended users

  • Cameron (Compliance Manager)
  • Sidney (Systems Administrator)

Proposal

Expand the required pipeline configuration concept to allow for multiple configurations to be applied, dynamically, to projects based on a compliance framework label.

In the event a project has no labels applied, the project should use a Default Configuration. The jobs in this configuration should be hard-coded or otherwise forced to allow_failure: true so they are non-blocking but still provide some elements of due diligence and reporting.

Further details

We should expand this to allow for more specific targeting, such as: "Apply Configuration A to projects that are labeled as SOX AND Linux."

Edited Aug 03, 2020 by Matt Gonzales (ex-GitLab)