Discovery: Export group-level compliance reports as a CSV

Problem to solve

Customers do not have a simple, fast way to easily digest compliance information from their groups. If an administrator or group owner wants to provide a report to audit or compliance stakeholders about the status of a group, they cannot do so easily at present. There is no simple, single source of truth for compliance status reports.

Intended users

Further details

There are several issues pertaining to exporting data from GitLab that could fit into an epic for this. To name just a few:

There appears to be a high level of demand for exporting data from GitLab for an organization's internal processes or procedures.

Note: This issue will necessarily need to support flexible ways for customers to ingest the data (not exhaustive): GitLab UI, API, and webhooks.

Proposal

Provide a Download CSV option at the group-level with customizable filters that enables customers to specify the data set they'd like to retrieve.

Download Modal Output
A modal to show options for selecting export options Example of output file using chosen filters.

The CSV should include information about:

  • A list of Merge Requests
    • Date
    • Author
    • Approver(s)
    • branch
    • commit hashes
  • The issue(s) related to each MR
    • ID
    • Author
    • Linked MR ID
  • What pipeline(s) ran for each MR
    • Pipeline ID
    • Pass/Fail status of the pipeline(s)
    • Jobs linked to the pipeline(s)

MVC

The MVC for this feature could be a report showing only the information contained within the current group-level compliance dashboard since this is all MR activity within a group.

It should provide the data points listed under A list of Merge Requests in the proposal above.

Permissions and Security

This report should only be available to group owners or above.

Edited by Matt Gonzales (ex-GitLab)