You need to sign in or sign up before continuing.

Update Security template guidance to prefer components over templates

Problem to solve

After the launch of cicomponents, the sectionsec has been slow to prioritize component adoption over the legacy template usage. While the usage and capabilities vary, the future of CI configuration leans towards components and we should align with the rest of the company direction.

Proposal

Prework

Evaluate whether templates can be completely replaced with components
Resolve drift between templates and components

Unification timeline

Update sec analyzer configuration documentation to prefer CI components over templates
Establish unification timeline
Consider monitoring template usage to adjust deprecations around existing users

Auto-Summary 🤖

Discoto Usage

Points

Discussion points are declared by headings, list items, and single lines that start with the text (case-insensitive) point:. For example, the following are all valid points:

#### POINT: This is a point

* point: This is a point

+ Point: This is a point

- pOINT: This is a point

point: This is a **point**

Note that any markdown used in the point text will also be propagated into the topic summaries.

Topics

Topics can be stand-alone and contained within an issuable (epic, issue, MR), or can be inline.

Inline topics are defined by creating a new thread (discussion) where the first line of the first comment is a heading that starts with (case-insensitive) topic:. For example, the following are all valid topics:

# Topic: Inline discussion topic 1

## TOPIC: **{+A Green, bolded topic+}**

### tOpIc: Another topic

Quick Actions

Action Description

/discuss sub-topic TITLE Create an issue for a sub-topic. Does not work in epics

/discuss link ISSUABLE-LINK Link an issuable as a child of this discussion

Action	Description
`/discuss sub-topic TITLE`	Create an issue for a sub-topic. Does not work in epics
`/discuss link ISSUABLE-LINK`	Link an issuable as a child of this discussion

Last updated by this job

TOPIC Evaluate whether templates can be completely replaced with components #489904 (comment 2113253519)
TOPIC Monitoring template usage to adjust deprecations around existing users #489904 (comment 2113261070)
- Component usage monitoring https://10az.online.tableau.com/#/site/gitlab/workbooks/2489675/views #489904 (comment 2119853924)
- Template usage monitoring https://10az.online.tableau.com/#/site/gitlab/views/VerifyPerformanceIndicatorDashboard/VerifySelf-ManagedPerformanceIndicators?:iid=1 #489904 (comment 2119853924)
TOPIC The CI/CD components versioning system and its impact on the User Experience for Secure features enablement and configuration. #489904 (comment 2115705213)
TOPIC Execution Policies depends on CI templates #489904 (comment 2172295365)
TOPIC CI/CD components are not vendored in GitLab rails app and gitlab.com's CI/CD catalog is not accesible from self-managed and dedicated instances #489904 (comment 2173562440)

Discoto Settings

---
summary:
  max_items: -1
  sort_by: created
  sort_direction: ascending

See the settings schema for details.

Edited Aug 05, 2025 by 🤖 GitLab Bot 🤖