Skip to content

Enforce instance and namespace level merge method

Andrea Galbusera requested to merge gizero/gitlab:application_settings_merge_method into master

What does this MR do?

Related to #35266

Closes #1180

Adds the options to set a merge method for new repositories at instance-level and at namespace (group) level. Also allows to enforce such settings by leveraging the cascading settings framework (introduced by !55678 (merged)).

Screenshots

Enforce from Admin Area
Admin Area Group Subgroup Project User Namespaced Project
Screenshot_2021-11-01_at_22.02.52_-Admin_lock-_Admin_Area Screenshot_2021-11-01_at_22.03.19_-Admin_lock-_Group Screenshot_2021-11-01_at_22.04.05_-Admin_lock-_Subgroup Screenshot_2021-11-01_at_22.04.51_-Admin_lock-_Project Screenshot_2021-11-01_at_22.06.46_-Admin_lock-_User_namespaced_project
Screenshot_2021-11-01_at_22.03.47_-Admin_lock-_Group_popover Screenshot_2021-11-01_at_22.04.23_-Admin_lock-_Subgroup_popover Screenshot_2021-11-01_at_22.05.06_-Admin_lock-_Project_popover Screenshot_2021-11-01_at_22.07.01_-Admin_lock-_User_namespaced_project_popover
Enforce from root group
Admin Area Group Subgroup Project User Namespaced Project
Screenshot_2021-11-01_at_22.24.55_-Group_lock-_Admin_Area Screenshot_2021-11-01_at_22.25.36_-Group_lock-_Group Screenshot_2021-11-01_at_22.26.44_-Group_lock-_Subgroup Screenshot_2021-11-01_at_22.27.36_-Group_lock-_Project Screenshot_2021-11-01_at_22.30.32_-Group_lock-_User_namespaced_project
Screenshot_2021-11-01_at_22.27.02_-Group_lock-_Subgroup_popover Screenshot_2021-11-01_at_22.27.49_-Group_lock-_Project_popover
Enforce from subgroup
Admin Area Group Subgroup Project User Namespaced Project
Screenshot_2021-11-01_at_22.43.00_-Subgroup_lock-_Admin_Area Screenshot_2021-11-01_at_22.43.08_-Subgroup_lock-_Group Screenshot_2021-11-01_at_22.43.27_-Subgroup_lock-_Subgroup Screenshot_2021-11-01_at_22.44.00_-Subgroup_lock-_Project Screenshot_2021-11-01_at_22.45.03_-Subgroup_lock-_User_namespaced_project
Screenshot_2021-11-01_at_22.44.21_-Subgroup_lock-_Project_popover
No enforcement
Admin Area Group Subgroup Project
Screenshot_2021-07-21_at_18-12-37_Repository___Admin_Area Screenshot_2021-07-21_at_18-12-50_Repository___Settings___Gitlab_Org Screenshot_2021-07-21_at_18-13-05_Repository___Settings___GitLab_Sub Screenshot_2021-07-21_at_18-13-18_General___Settings___Gitlab_Org_GitLab_Sub_GitLab_Subproject

Migrations

This MR introduces two new DB migrations.

UP

$ bundle exec rails db:migrate:up VERSION=20220404055410
== 20220404055410 AddMergeMethodCascadingSetting: migrating ===================
-- column_exists?(:namespace_settings, :merge_method)
   -> 0.0040s
-- column_exists?(:namespace_settings, :lock_merge_method)
   -> 0.0026s
-- column_exists?(:application_settings, :merge_method)
   -> 0.0945s
-- column_exists?(:application_settings, :lock_merge_method)
   -> 0.0980s
-- add_column(:namespace_settings, :merge_method, :integer, {:limit=>2, :default=>nil, :null=>true})
   -> 0.0038s
-- add_column(:namespace_settings, :lock_merge_method, :boolean, {:default=>false, :null=>false})
   -> 0.0068s
-- add_column(:application_settings, :merge_method, :integer, {:limit=>2, :default=>0, :null=>false})
   -> 0.0034s
-- add_column(:application_settings, :lock_merge_method, :boolean, {:default=>false, :null=>false})
   -> 0.0020s
== 20220404055410 AddMergeMethodCascadingSetting: migrated (0.2157s) ==========

$ bundle exec rails db:migrate:up VERSION=20220404205154
== 20220404205154 AddMergeRequestsMergeEnabled: migrating =====================
-- add_column(:projects, :merge_requests_merge_enabled, :boolean, {:null=>false, :default=>false})
   -> 0.0060s
== 20220404205154 AddMergeRequestsMergeEnabled: migrated (0.0061s) ============

DOWN

$ bundle exec rails db:migrate:down VERSION=20220404205154
== 20220404205154 AddMergeRequestsMergeEnabled: reverting =====================
-- remove_column(:projects, :merge_requests_merge_enabled)
   -> 0.0112s
== 20220404205154 AddMergeRequestsMergeEnabled: reverted (0.0113s) ============

$ bundle exec rails db:migrate:down VERSION=20220404055410
== 20220404055410 AddMergeMethodCascadingSetting: reverting ===================
-- column_exists?(:namespace_settings, :merge_method)
   -> 0.0047s
-- remove_column(:namespace_settings, :merge_method)
   -> 0.0051s
-- column_exists?(:namespace_settings, :lock_merge_method)
   -> 0.0026s
-- remove_column(:namespace_settings, :lock_merge_method)
   -> 0.0012s
-- column_exists?(:application_settings, :merge_method)
   -> 0.1043s
-- remove_column(:application_settings, :merge_method)
   -> 0.0048s
-- column_exists?(:application_settings, :lock_merge_method)
   -> 0.0980s
-- remove_column(:application_settings, :lock_merge_method)
   -> 0.0020s
== 20220404055410 AddMergeMethodCascadingSetting: reverted (0.2232s) ==========

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Andrea Galbusera

Merge request reports