Option to enforce the instance-level "Maximum file size" push rule
Problem to solve
It's currently possible to Override global push rules per project. While this makes sense for some of them, Maximum file size
specifically is something that GitLab administrators might want to enforce globally to ensure stable performance across all repositories.
A way to make this setting enforced and not overridable at a lower level would help solve this need.
Target audience
- Sidney, Systems Administrator, https://design.gitlab.com/research/personas#persona-sidney
Further details
I'd like this to apply to regular files, not LFS (which can be a separate option). Our goal is to enforce good practice with LFS and prevent git clones from growing to gigabytes with everyone dumping binary files into them. It's one of the benefits we saw after moving off GitHub (example project: a new clone dropped from 4 GB to 30 MB + 200 MB LFS download) and currently the only way we can enforce this is by editing the EE code after every update.
Proposal
Make the global maximum file size limit setting be a strict upper limit for all projects across the server instead of just a default value. Individual projects can still override the global limit, but only to a smaller value (which does not include 0=unlimited). System administrators only can override the limit on a per-project basis to a higher value. To ease implementation from GitLab's side this latter feature could be restricted to the gitlab-rails console so no web UX work is needed.
What does success look like, and how can we measure that?
Success is if an unmodified EE instance can be configured in a way that prevents new or existing projects to specify a maximum file size limit that's larger than the global value, or to opt out of file size limits if one is globally configured.