CODEOWNERS Functionality to Support Inherited Group Memberships

Proposal

We are a GitLab Premium customer currently in the process of onboarding to GitLab. We have encountered an issue that prevents us from effectively using the CODEOWNERS functionality due to the large number of repositories we manage (thousands).

Our organization utilizes an internal IAM system that interacts with GitLab APIs to add users to specific groups (both top-level and one level below). These groups and subgroups (2 levels in total) contain projects where we expect the CODEOWNERS feature to function with user roles or groups inherited from these groups. However, the current implementation requires users to be added directly to projects for CODEOWNERS to work, which is not feasible for us.

To address this, we are considering adding direct memberships to projects based on the inheritance model, but this approach could introduce significant complexity into our IAM system to support the CODEOWNERS functionality.

We are seeking a solution or workaround to this issue.

Related Issues and Epics

• GitLab Issue #288851
• Comment when this functionality was reverted as per design

What does success look like, and how can we measure that?

Success would be the ability to utilize the CODEOWNERS functionality with users and groups inherited from top-level and subgroup memberships without needing to add users directly to each project. This would streamline our IAM processes and reduce complexity.

Additional Considerations

• Explore potential workarounds or solutions to enable CODEOWNERS functionality with inherited group memberships.
• Investigate the possibility of reverting the feature regression mentioned in the linked comment.