Prevent changes to compliance framework project labels by maintainers

Release notes

Problem to solve

We introduced compliance framework project settings in %12.10 to help reduce the blast radius of compliance controls and provide an indication that projects had specific compliance requirements. Currently, this setting can be modified by maintainers, which some compliance-minded organizations would prefer not to be possible. Since these labels can be the difference between enforcing strict requirements and allowing those requirements to be bypassed, customers need to be able to restrict who can modify this setting.

Intended users

  • Cameron (Compliance Manager)
  • Sidney (Systems Administrator)

User experience goal

A project maintainer should not be able to modify a project's compliance framework label setting. An admin and group owner should be able to modify a project's compliance framework label setting.

Proposal

Allow only admins and group owners to modify the compliance framework label setting in a project.

Place this setting into a read-only state for non-admins and non-owners.

Edited Sep 04, 2020 by Matt Gonzales (ex-GitLab)