Assign custom Compliance Framework Labels to projects

Problem to solve

Under #255340 (closed) we introduced the ability for group owners to create, update and delete Compliance Framework Labels. Now we need to allow them to be applied to projects within the group.

Note: It is already possible to apply one of the 5 default Compliance Framework Labels to a project. This issue is about the need to apply any one custom Compliance Framework Label to a project.

Intended users

• Cameron (Compliance Manager)

User experience goal

Only Group Owners , project owners and project maintainers should be able to apply one of the available Compliance Framework Labels to a project.

Proposal

• The Project settings should include a section Compliance Framework Labels.
• In that section, group owners should be able to apply only one of the available Compliance Framework labels to the project.
• Compliance Framework Labels are "available" if they have been defined at the root group level.

Permissions and Security

• Add expected impact to Maintainer (40) members
• Add expected impact to Owner (50) members -->

Implementation Plan backend

• Update assignment form in projects/edit to allow choice of a project group's compliance frameworks.
• Update standard rails views/controllers rather than implement a GraphQL mutation.

What is the type of buyer?

GitLab Premium

Documentation

https://docs.gitlab.com/ee/user/project/settings/#compliance-framework