Group-level setting for default compliance framework to apply to new projects
This issue and linked pages contain information related to upcoming products, features, and functionality. It is important to note that the information presented is for informational purposes only. Please do not rely on this information for purchasing or planning purposes. As with all projects, the items mentioned in this video and linked pages are subject to change or delay. The development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.
Release notes
Problem to solve
Today, users set up compliance frameworks in their groups and apply them to projects. This allows them to segment which projects need additional controls and enforce compliance pipelines where applicable. However, users must manually add the frameworks to projects as they are created. It is time-consuming to check when projects are created and to set the framework on each one manually.
Proposal
Provide a group-level setting to specify a default compliance framework that should be added to all newly created projects in the group. See attached design file for UX.
- Note that there should be an option for `None` (or similar) to allow the user to not provide any default compliance framework if they do not wish to.
Design
List | Set default | Remove default |
---|---|---|
What is the type of buyer?
Implementation plan
database
- Add a migration to add `default_compliance_framework` (INT) as a new column to the `namespace_settings` table.
backend
- Update `ee/app/services/ee/projects/create_service.rb` so that whenever a new project is created under a group and the group has set a default compliance framework, a new `ComplianceManagement::ComplianceFramework::ProjectSettings` is created with `project_id` as the current project and `framework_id = project.root_namespace.default_compliance_framework.id`. We can define a method `default_compliance_framework` in `group.rb` as follows:

  ```ruby
  # Returns the group's default framework record, or nil when none is set.
  def default_compliance_framework
    default_compliance_framework_id = namespace_settings.default_compliance_framework
    # find_by returns a single record (or nil), so callers can use .id on it;
    # where would return a relation instead.
    ComplianceManagement::Framework.find_by(id: default_compliance_framework_id)
  end
  ```

- Whenever a framework is deleted, check if it is the default framework; if it is, prevent the deletion and show an error message to the user.
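The backend rules above, modeled in plain Ruby as an added sketch (not GitLab's code). `Group`, `FrameworkStore`, `create_project` and `default_framework_id` are hypothetical stand-ins for the group model, the framework table, the create-service hook and the proposed `default_compliance_framework` column; the sketch covers the root-namespace lookup, the `None` case, a stale default id and the deletion guard.

```ruby
# Added sketch: plain-Ruby stand-ins, not GitLab's models or services.
Framework = Struct.new(:id, :name)
Project = Struct.new(:name, :group, :framework_id)

class Group
  attr_reader :parent
  # Stands in for the proposed default_compliance_framework column; nil = "None".
  attr_accessor :default_framework_id

  def initialize(parent: nil)
    @parent = parent
  end

  # Projects in subgroups take the default from the top-level group.
  def root_namespace
    parent ? parent.root_namespace : self
  end
end

class FrameworkStore
  def initialize
    @frameworks = {}
    @groups = []
  end

  def add(framework)
    @frameworks[framework.id] = framework
  end

  def track(group)
    @groups << group
    group
  end

  # Single record or nil, never a collection.
  def find_by_id(id)
    @frameworks[id]
  end

  # Deletion guard: refuse while any tracked group uses the framework as default.
  def delete(id)
    in_use = @groups.any? { |g| g.default_framework_id == id }
    return [false, "Cannot delete the default compliance framework"] if in_use
    @frameworks.delete(id)
    [true, nil]
  end
end

# Hypothetical counterpart of the create-service hook.
def create_project(name, group, store)
  default_id = group.root_namespace.default_framework_id
  framework = default_id && store.find_by_id(default_id)
  Project.new(name, group, framework&.id) # nil when no (or a stale) default
end
```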
frontend a big
Related issue to update the list to match the designs: Compliance Framework – Update settings (#371013 - closed)
- Update the GraphQL query to also fetch the `default` status of each framework.
- Add a mutation to the list view to set the `default` attribute of a framework.
- Add an ellipsis icon in a `GlButton` to the end of the actions.
- Move the delete action to the ellipsis dropdown.
  - Note: Default frameworks cannot be deleted.
- Add an action for marking the framework as `default` when not default.
- Add an action for removing the `default` status of a framework when it is default.
- Update `list_item.vue` to display a `GlBadge` when the item is `default`.
- Update specs.
- Update documentation.