Create a GitLab Admin namespace to administer Sign-up/in restrictions and abuse reports
Problem
As a GitLab Admin you can edit domains and email addresses in the Sign-up/Sign-in Restriction section of the Application Settings (General). For GitLab.com that would be: https://gitlab.com/admin/application_settings/general
There is however no Change Management in place and anyone with Admin access on a GitLab instance can change these settings. Additionally there is no easy way to audit the domains/email addresses in the restriction lists.
Abuse reports create on GitLab can't be tracked once removed from the admin panel (for GitLab.com that is here: https://gitlab.com/admin/abuse_reports) and there is also no change management/audibility option.
Proposal
By default there should be a top level GitLab Admin
namespace created when you create your own GitLab instance (and on GitLab.com). Under that namespace you will find a repo where you can add/edit domains/email addresses of the sign-up restrictions and a second one for the sing-in restrictions which the application pull from to enforce the rules.
This Namespace should only be accessible to GitLab Admins.
This would allow for the easy implementation of a change management and could lead to other future integrations/automation for preventing abusive sign-ups as well as improve audibility.
This Namespace could also be used to house an Abuse Report project and abuse reports created on GitLab can create GitLab Alerts in this project which could be triaged and worked from there (Currently abuse reports can't be tracked once you remove them from the admin panel).
/cc @brainsbrains for additional input
@gitlab-com/gl-security/security-operations/trust-and-safety for input/visibility