Run Compliance Framework pipeline in MRs that originate in forks of the CF-labeled project
Release notes
Compliance Framework could previously not be used to run a compliance pipeline in an MR that originated from a fork of the CF-labeled project. We changed the CF behaviour to ignore the fact that the MR's source project may be not be labeled with the same CF as the target project.
Problem to solve
See above and this example.
This could also be considered a bugfunctional and it was reported by a very large GitLab Ultimate customer internally.
Proposal
Ensure that CF pipelines run for all MRs, regardless of the MR's source project's namespace.
Essentially, this is an alternative to an org enforcing usage of something like our security-research/gitleaks-endpoint-installer
for all users.
Another alternative would be to auto-apply the CF label to the fork.
Intended users
Feature Usage Metrics
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.