Put allow_composite_identities_to_run_pipelines behind ff
What does this MR do and why?
This MR backports a fix that didn't get into 17.11 release: Put allow_composite_identities_to_run_pipelines... (!187953 - merged).
It disables the functionality that allows running CI pipelines on MRs created by composite identities only when the flag is explicitly enabled: https://gitlab.com/gitlab-org/gitlab/-/issues/512509+.
After the testing, it was identified that the behavior is disruptive and unintuitive and now jeopardizes the successful release of Amazon Q functionality, which can be considered S1/S2 bug.
The simplest way to fix it is to put the actual check behind a feature flag. The original MR includes a database migration and was also backported to older releases: https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4801+, so just reverting it is a more complicated option.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch. -
The MR that fixed the bug on the default branch has been deployed to GitLab.com (not applicable for documentation or spec changes). -
This MR has a severity label assigned (if applicable). -
Set the milestone of the merge request to match the target backport branch version. -
This MR has been approved by a maintainer (only one approval is required). -
Ensure the e2e:test-on-omnibus-ee
job has either succeeded or been approved by a Software Engineer in Test.
Note to the merge request author and maintainer
If you have questions about the patch release process, please:
- Refer to the patch release runbook for engineers and maintainers for guidance.
- Ask questions on the
#releases
Slack channel (internal only).