Improved Admin and Group-level branch protection settings
_This issue and linked pages contain information related to upcoming products, features, and functionality.
It is important to note that the information presented is for informational purposes only. Please do not rely on this information for purchasing or planning purposes.
As with all projects, the items mentioned in this video and linked pages are subject to change or delay. The development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc._
### Problem to solve
> See full context in the [parent epic](https://gitlab.com/groups/gitlab-org/-/epics/6671)
The 4 options that are currently available for default branch protections do not cover all the variations of the protected branch.
### Proposal
Replace the `form-select` with a `form-group` that matches protected branch options.
Following the discussion [here](https://gitlab.com/gitlab-org/gitlab/-/issues/340401#note_1325573611), re-order the list to `no one`, `maintainer`, `developers`.
**Admin area**
| Not protected | Protected (Default) |
| ------------- | ------------------- |
**Group**
| Allow owners to make changes | Only administrators can make a change |
| :---------------------: | :-----------------------------------: |
| Admins always have control | Disable the group |
## References
[Open Figma →](https://www.figma.com/file/mfWie0YINLyiQBui4ddzhM/%F0%9F%94%92-and-6671-Finer-grained-control-over-default-branch-protections?node-id=1968%3A22512)
### Implementation plan
gitlab~3412464 weight estimated at :two:
1. Update `app/views/shared/_default_branch_protection.html.haml` to show the new options.
1. Update specs.
gitlab~19806906 :eight:
### How it currently works
1. There are integer columns on the database tables ([application level](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/db/structure.sql#L11325) and [group level](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/db/structure.sql#L18833)).
2. These integers are mapped to a subset of protected branch settings.
   * These mappings are defined in [access.rb](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/lib/gitlab/access.rb#L20-24).
   * The mappings are used [here](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/app/services/projects/protect_default_branch_service.rb#L13) via the [`BranchProtection` helper](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/lib/gitlab/access/branch_protection.rb).
3. When creating a default branch, those settings are passed into the [protected branch service](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/app/services/projects/protect_default_branch_service.rb#L36-40).
### A strategy on how to support all protected branch features
#### There are two assumptions I am making
1. We do not query on the existing columns, nor will we need to.
2. More settings may be added to the protected branches feature, making just adding more integer columns combinatorially not great.

Given these assumptions, we can support the existing protected branch feature set and have an easier time staying up to date on new protected branch features by using a `jsonb` column rather than an `integer` column in the database.
#### gameplan | **total weight 21**
1. https://gitlab.com/gitlab-org/gitlab/-/issues/408150 an MR that adds the `jsonb` columns at the ([instance level](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/db/structure.sql#L11325) and [namespace level](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/db/structure.sql#L18833)) tables :five:
2. https://gitlab.com/gitlab-org/gitlab/-/issues/408309 an MR to modify the existing endpoint to both update the existing columns and also update the new column :three:
   * https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/lib/api/settings.rb#L51
   * https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/lib/api/helpers/groups_helpers.rb#L25
3. https://gitlab.com/gitlab-org/gitlab/-/issues/408153 an MR to backfill the new column :three:
4. https://gitlab.com/gitlab-org/gitlab/-/issues/408151 an MR to update the API to accept a new default branch payload :three:
   * the existing [default branch protection user docs](https://docs.gitlab.com/ee/user/project/repository/branches/default.html#protect-initial-default-branches)
   * the existing branch protection [api docs](https://docs.gitlab.com/ee/api/groups.html#options-for-default_branch_protection)
   * the payload should match the [protected branch API](https://docs.gitlab.com/ee/api/protected_branches.html#update-a-protected-branch)
5. https://gitlab.com/gitlab-org/gitlab/-/issues/408152 an MR with a FF to start using the new code path :three:
   * fetch settings from new columns and use [here](https://gitlab.com/gitlab-org/gitlab/-/blob/a804dbe3525ed030fe0ac438549ec0773a8fc2c4/app/services/projects/protect_default_branch_service.rb#L28-40)
6. https://gitlab.com/gitlab-org/gitlab/-/issues/408314 an MR to deprecate the old default branch API :two:
7. https://gitlab.com/gitlab-org/gitlab/-/issues/408315 an MR to remove the old default branch API :two:
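
The integer-to-settings mapping from "How it currently works" and the backfill step of the gameplan, sketched as an added example (this is not GitLab's code). The (push, merge, force push) meaning assigned to each integer and the `defaults_json` column name are assumptions for illustration; the payload keys follow the protected branch API, and the sample rows are constructed.

```ruby
require 'json'

# Access levels from GitLab's permissions docs, in the order the proposal
# lists them (no one, maintainer, developers).
NO_ONE, MAINTAINER, DEVELOPER = 0, 40, 30
ROLES = [NO_ONE, MAINTAINER, DEVELOPER].freeze

# Assumed meaning of the four legacy integers, as [push, merge, force_push].
LEGACY = {
  0 => [DEVELOPER,  DEVELOPER,  true],   # not protected
  1 => [DEVELOPER,  MAINTAINER, false],  # developers can push
  2 => [MAINTAINER, MAINTAINER, false],  # fully protected
  3 => [MAINTAINER, DEVELOPER,  false]   # developers can merge, not push
}.freeze

# Constructed sample rows; `defaults_json` is a hypothetical column name.
ROWS = [
  { id: 1, default_branch_protection: 2, defaults_json: nil },
  { id: 2, default_branch_protection: 3, defaults_json: '{"allow_force_push":true}' }
].freeze

# Convert one legacy integer into a payload shaped like the protected branch
# API. Unknown values raise rather than falling back to a weaker setting.
def legacy_to_payload(level)
  key = level.is_a?(String) ? Integer(level, 10, exception: false) : level
  raise ArgumentError, "unknown default_branch_protection: #{level.inspect}" unless LEGACY.key?(key)

  push, merge, force = LEGACY[key]
  {
    'allowed_to_push'  => [{ 'access_level' => push }],
    'allowed_to_merge' => [{ 'access_level' => merge }],
    'allow_force_push' => force
  }
end

# Backfill: fill the new JSON column only where it is still empty, so rows
# already written by the dual-write endpoint are left untouched.
def backfill(rows)
  rows.map do |row|
    next row if row[:defaults_json]
    row.merge(defaults_json: JSON.generate(legacy_to_payload(row[:default_branch_protection])))
  end
end

# Every [push, merge, force_push] combination the integer column cannot express.
def unrepresentable
  ROLES.product(ROLES, [true, false]) - LEGACY.values
end
```

`unrepresentable` includes `[NO_ONE, MAINTAINER, false]`, a default branch that nobody can push to directly and only maintainers can merge into, which none of the four integers can store.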