Compliance features

Problem to solve

Organizations have strict compliance challenges and we should help them overcome those challenges.

Further details

A non-exhaustive list of compliance challenges:

  1. Principle of least permissions - being able to prove that only people with the need for access have that access.
  2. Establish, enforce, and audit who can deploy to production, e.g. Operators or Masters.
  3. Establish, enforce, and audit under what circumstances someone can deploy to production, e.g. security tests are mandatory.

Proposal

  1. Add a Compliance page to projects, groups, and/or instances
  2. ...
  3. Profit

What does success look like, and how can we measure that?

  1. Companies that require SOC 2 compliance happily use our CI/CD pipelines without needing any external tools.

Links / references

Edited by 🤖 GitLab Bot 🤖