►
From YouTube: GitLab 13.10 - Manage:Compliance
Description
Learn about what the Compliance group is working on for 13.10
A
So
let's
take
a
quick
look:
we're
working
on
continuing
our
efforts
in
a
couple
of
large
areas.
The
first
one
is
the
group
level
merge,
request
approval
rules,
so
the
goal
here
is
to
be
able
to
have
your
merchandise
approval
rule
settings
carried
down,
from
instance,
to
group,
to
subgroup
and
the
project
levels
and
for
required
or
compliance
regulated
projects
to
then
have
those
be
enforced.
A
So
the
general
logic
here
will
be
the
settings
will
always
carry
through,
but
for
unregulated
or
normal
projects
you
can
edit
them,
but
for
regulated
projects
those
settings
are
carried
down
will
actually
be
locked,
and
this
way
you
can
enforce
certain
approval
rules
for
projects
where
you
need
to
which
have
again,
which
will
flood
a
certain
compliance
frameworks,
and
you
can
see
here
that
how
that
is
applied.
So
a
couple
of
things
here
that
we're
working
on
debate.
A
The
main
thing
is
that
in
this
point
in
time,
we're
largely
working
on
building
out
the
group
merge
request
approval
workflow,
so
we're
actually
working
to
replicate
some
of
those
various
options
like
removing
all
approvals
when
equipments
are
pushed,
and
things
like
that
and
building
those
out
in
that
initial
group
group
workflow.
A
So
that's
kind
of
what
we're
working
on
here
with
a
couple
of
those
items
that
we're
working
and
just
overall
helping
to
build
up
that
initial
workflow
and
then
once
that's
worked
out
of
course,
then
they
can
start
to
actually
work
on
carrying
those
and
passing
those
settings
through
next
up,
we
are
working
on
allowing
group
owners
to
define
compliance
with
the
configurations
again.
This
is
a
broader
effort
here
that
we
are
continuing
in
13.10.
A
A
Sox
project
compliance.ciaml
be
combined
with
with
their
own
ciamo,
and
that
way
you
can
have
certain
jobs
that
are
required
to
run
the
part
that
we're
working
on
right
now
is
actually
building
out
the
ability
to
create
these
compliance
frameworks
and
also
to
control
which
ones
apply
to
which
projects,
and
so
you
can
see
here
we're
working
on
creating
that
framework
page
allowing
you
to
edit
it
as
part
of
this
release,
and
you
can
see
a
mock-up
right
here,
but
we
look
what
we
think
that
will
look
like.
A
So
here
is
your
your
group
or
your
project,
and
you
can
apply
those
various
frameworks
that
you've
configured
previously.
A
So
that's
the
work
going
on
on
the
public
configuration
we're
also
doing
a
couple
other
smaller
items
here
we
are
working
to
add
gpg,
keys
to
the
admin
credentials,
workflow
and
so
we're
continuing
that
work
by
having
them
show
up
now.
You
know
pats
and
ssh.
Ssh
keys
are
already
part
of
that
workflow
and
so
we're
just
rounding
out
the
list
of
of
other
access
credentials
that
can
be
utilized.
A
We're
also
working
on
the
backup
implementation
for
being
able
to
essentially
block
an
mrf
being
merged
if
it
hasn't
been
associated
to
a
jira
issue.
The
goal
here
is
to
really
kind
of
increase,
the
rate
at
which
mrs
have
been
linked
and
that's
where
you
can
enforce
that
from
happening
before
they
get
merged.
If
you
would
so
like
to
the
last
item,
here
is
continued
work
on
our
ability
to
have
an
external
api
for
approval
rules.
A
Some
customers
find
that
our
approval
rule
framework
isn't
as
customizable
as
they
need
and
they
want
additional
logic
of
business
logic
to
apply,
and
so
we're
working
on
an
external
api
which
we
can
call
and
then
they
can
run
whatever
logic
they
want
to
run
to
ensure
that
that
user
can
actually
approve,
or
that
merger
press
actually
can
get
approved
and
then
merged,
and
so
this
way
it's
really
makes
it
very
extensible
for
these
more
narrower
use
cases
of
of
approval
rules,
and
so
for
this
release.