Evaluate group-level compliance pipeline configuration
Release notes
Problem to solve
#254389 (closed) provides an ability to define group-level compliance pipeline configurations.
When this is configured, the group-level compliance pipeline configurations is triggered whenever a commit is pushed to the project.
It's up to the maintainer of the framework YAML to ensure that there is a callback to the relative project .gitlab-ci.yml
being built.
An example group-level compliance pipeline configuration is as stated below:
compliance:
trigger:
project: gitlab-org/compliance
file: hipaa/.gitlab-ci.yml
project-pipeline:
trigger:
include: $CI_PROJECT_CONFIG_PATH
Intended users
User experience goal
Proposal
- Add a new source in the list of Pipeline chain config (add it as the first option, since it has the highest precedence)
-
content
for the compliance source type will be obtained from #254389 (closed) (for e.g.project.group.compliance_pipeline_configuration
)
def content
return unless project
strong_memoize(:content) do
next unless project.group.compliance_pipeline_configuration
YAML.dump('include' => [{ 'file' => project.group.compliance_pipeline_configuration }])
end
end
Feature flag
Name: ff_evaluate_group_level_compliance_pipeline
Disabled by default
Further details
Permissions and Security
Links / references
Edited by Aishwarya Subramanian