►
From YouTube: How might we simplify settings inheritance?
Description
Two GitLab designers discuss how different settings are inherited through groups and projects.
A
Neat
so
yesterday
daniel
you
commented
that
you
had
a
related
issue
that
you
wanted
to
cover
together.
B
Yeah,
so
I
actually,
she
just
passed
this
issue
off
to
me
yesterday
in
our
one-on-one,
so
I
haven't
had
a
full
chance
to
understand
the
scope
apart
from,
if
we
think
about
how
settings
work
in
our
organization,
a
lot
of
them
are
based
specifically
at
the
object
they're
associated
to
not
in
an
organizational
inherited
model.
So
I
can
have
five
different
projects
that
have
different
behaviors,
despite
all
being
within
the
same
group,
for
no
particular
reason
so,
for
example,
like
project
deletion.
A
B
Owner
or
maintainer
of
content
within
my
group,
I
should
be
able
to
remove
or
delete
projects
or
assign
a
behavior
that's
standard
across
all
of
my
projects
within
my
group.
So
if
I
wanted
to
say,
for
example,
I
know
I'm
going
to
automatically
delete
a
project,
I
don't
need
them
to
sit
in
a
delayed
status
for.
A
B
X,
amount
of
time-
or
I
can
say
I
want
that
protection
across
all
my
groups,
despite
what
somebody
who
is
the
project
maintainer
within
that
level,
so
that
would
ensure
certain
sort
of
safety
or
protections,
and
so
this
sort
of
thinking
can
be
applied
to
any
number
of
things
that
hasn't
been
done,
and
so,
when
you
said
that
or
when
she
told
me
that
y'all
had
something
going
on
similar
to
this,
I
was
like
okay
well
right.
A
Yeah,
that
makes
sense
yeah.
The
issue
that
you
commented
on
for
us
was
the
one
where
we
were
essentially
creating
an
avenue
for
an
administrator
or
a
group
owner
to
push
down
their
push
rules
onto
their
groups
or
sorry
their
projects
that
have
already
existed
at
least
with
push
rules
when
you
have
defined
them
and
configure
them
at
a
group
level,
they
will
be
inherited
if
it's
a
new
project,
but
the
old
ones
don't
inherit
it.
That
probably,
is
to
prevent
some
things
from
breaking.
A
I
don't
know
exactly
what
all
those
edge
cases
might
be,
but
I
assume
people
have
their
workflows
and
they
might
not
want
to
force
those
settings
on
everyone,
but
we
had
heard
from
a
number
of
compliance
customers
that
they
were
having
to
go
into
each
project,
compare
and
contrast,
set
and
then
move
on
to
the
next
one
and
do
it
over
and
over
and
over
and
over
again,
which
could
be
very
cumbersome
for
a
large
team.
A
So
our
thought
was,
let's
start
with
something
pretty
small
by
just
giving
them
an
opportunity
to
see
which
ones
are
using
different
settings
and
then
see
how
they
would
want
to
move
from
there
in
terms
of
enforcing
that.
But
what
were
you
envisioning
doing
for
the
delayed
project
setting?
I
know
from
my
experience
I
believe,
when
it's
set
at
the
group
level.
A
B
And
so
I
think
the
idea
being
is
that
that
it
would
just
kind
of
force
it
from
the
top
down
and
not
have
that
sort
of
flexibility
or
freedom
at
that
point.
So
if
you
want
to
enable
the
flexibility,
you
then
would
disable
that
at
the
primary
level
at
the
group
by
saying,
allow
people
to
do
whatever
they
want
at
the
object
level
and
then
at
the
top
level.
You
could
just
say
this:
is
the
default
behavior
and
enforce
it
across
the
entire
organization.
B
So
it's
one
point
of
contact
where
they,
the
admin
would
make
that
determination.
If
they
need
that
flexibility
or
not,
and
if
not,
then
the
flexibility
is
open
to
whatever
they
want
to
do,
and
that's
sort
of
the
kind
of
initial
rough
draft
thought
of
it,
which
makes
tons
of
sense.
It's
like
okay,
well
yeah.
Why
hasn't
it
been
this
way
before,
where
you
have
one
simple
toggle,
so
to
speak,
or
a
setting
that
says,
enforce
this
globally
or
do
not
and
allow
enforcement
locally.
A
Yeah,
I
think
one
way
we
were
considering
helping
these
administrators
specify
the
granularity
of
who
they
want
to
inherit.
These
settings
was
by
continuing
to
evolve
the
compliance
frameworks,
so
there's
an
issue
to
introduce
the
ability
to
mark
a
compliance
framework
as
open
or
customizable
versus
a
regulated
one,
and
then
I
think
the
theory
that
we
want
to
introduce
over
time
is,
if
it's
a
regulated
compliance
framework,
you
can
force
the
projects
that
have
that
association
to
inherit
its
parent
settings
when
it's
not
something
that's
normally
inherited.
A
So
this
would
be
a
great
example
of
like
push
rules
or
delay
deletion
if
it's
like
buried
within
a
subgroup.
A
A
Yeah,
it
reminds
me
a
lot
of
what
I
think
libor
has
been
working
on
with
the
jira
integrations.
I
think
that's
at
the
group
level,
I'm
digging
through
my
gdk
right
now
to
see
if
I
can
see
if
it's
surfaced
yet
into
the
codebase
or
if
it's
still
an
idea
in
design
yeah.
Let
me
pulse
it
real,
quick.
A
So
the
way
they
introduced
their
mvc
for
inheritance
was
they
have
this
little
toggle
here,
essentially,
where
you
can
say,
okay
default
settings
are
inherited
from
the
instance
level,
but
we
want
to
use
custom
settings
so
you're
basically
saying
we're
going
to
divert
from
what
has
been
set
or
you
can
go
back
to
using
whatever
set
at
your
instance
level
and
it
locks
everything
down.
So
they
give
the
approach
of
we're
going
to
box
you
in.
But
if
you
want
to
unbox
yourself,
you
can.
B
See
I'm
looking
at
this
and
I
think
okay,
this
might
have
security
concerns
where,
if
someone
not
at
the
admin
level
says,
I
want
to
change
this
because
it's
my
project,
I
want
to
do
this.
The
way
I
want
I
was
like
well,
no
you're
part
of
the
organization
or
this
project
is
part
of
the
organization
that
needs
to
maintain
compliance
standards.
It
has
to
maintain
backup
security.
You
know
redundancy
to
make
sure
things
are
protected,
and
so
this
looks
like
too
much
flexibility
unless
I'm
not
understanding
or
misinterpreting
where
this
exists.
A
At
the
group
level,
I
think
you're
right,
that's
the
tricky
thing
about
the
inheritance
with
settings
and
like
enforcing
things
is
some
things
inherently
are
not
something
that
we
really
are
so
tied
to
in
terms
of
security,
compliance
like
giving
teams
the
flexibility
to
customize
their
jira,
that's
probably
necessary,
like
not
every
project's
going
to
use
the
same
jira
project
but,
like
you
said,
like
enforcing
a
soft
delay.
That
might
be
something
that
the
whole
company
wants
to
have,
and
they
don't
want
to
get
the
option
to
opt
out
of
it.
They
just
like.
A
No,
we
really
do
want
to
be
able
to
get
a
waiting
period
before
people
delete
stuff
for
whatever
reason,
or
even
more
specifically,
like
merge,
request
approvals.
B
B
I
think
if
we
do
like
a
categorization,
if
we
think
about
what
settings
or
features
our
actual
security
concerns
versus
like
it,
doesn't
really
matter
what
the
project
level
does,
if
they
do
that,
like
I
just
use
an
example
like
renaming
it,
I
don't
think
there's
a
strong
change
or
reason
to
restrict
something,
but
that's
something
we
can
definitely
get
feedback
on
right.
So,
like
say
what
are
the
top
five
things
that
should
be
100
lock
down?
A
B
Know
push
rules,
project
deletion,
the
the
five
things
that
people
have
most
concerned
about
and
we
can.
B
Do
like
a
simple
survey
on
that,
like
you
know,
to
send
out
an
email
for
research,
saying:
hey,
you're,
a
sysadmin
you're
a.
A
B
Owner
what
do
you
want
whenever
you
think
about
secure
settings
that
should
exist
inherited
across
your
organization
or
settings
that
you
don't
care
about?
So
we
perhaps
we
can
come
up
with
a
little
research
proposal
with
anna
to
try
and
come
up
with
a
mailer
for
that,
because
I
don't
think
we
need
real.
Like
interaction,
I
mean
honestly,
like
our
top
five.
A
Yeah
I
mean
it'd,
be
a
cool
card,
sorting
activity
if
we
just
like
kind
of
audited
our
settings
as
they
are
today
and
kind
of
group
them
into
different
categories
to
show
like
these
are
inherited
with
all
projects.
These
can
be.
If
you
do
this
method,
these
are
you
know.
The
wild
west
autodevops
is
another
example
where
they
have
their
version
of
inheritance,
where
it's
telling
you
where
it's
coming
from,
and
then
you
can
checkbox
it
and
say
we
want
projects
to
default.
B
Okay,
cool-
I
don't
know
who
else
we
would
want
to
include
like
perhaps
libor
in
regards
to
this
jira
work
or
hyanna,
was
doing
something
with
the
settings
in
total
yeah.
A
Michael
lee
is
taking
over
a
lot
of
the
restructuring
of
the
settings
layout.
A
A
Yeah,
I
can't
remember
exactly
who's.
Does
the
auto
devops
portion,
but
yeah
we
could
just
kind
of
be
bop
brown.
Obviously
we
just
share
it
in
the
ux
co-working
space,
I'm
sure
they
would
speak
up
for
themselves
and
yeah.
We
could
just
kind
of
get
started
on
mura
or
something
it's
the
areas
that
we
already
have
on
top
of
our
heads,
like,
I
can
think
of
all
the
ones
that
compliance
is
concerned
about,
like
protected
branches,
merge,
request,
approvals,
push
rules
and
I
could
categorize
the
ones
that
I
know
like
what
else.
B
A
A
B
Let
me
read
the
job
to
be
done
here,
just
for
the
video.
So
when
I
have
configured
push
rules
at
the
group
level,
I
want
a
single
action
that
applies
those
rules
to
all
existing
projects,
so
that
my
entire
namespace
is
brought
into
compliance
with
these
push
rules
without
me
having
to
manually,
update
every
single
subgroup
and
project,
and
that's.
B
Visually,
it
makes
sense.
I
don't
see
anything
weird
or
like
missing.
I
want
a
single
action
that
applies
the
rules
to
all
existing
projects,
so
just
setting
the
setup
defaults
below
everything
would
be
set
all
default
instead
of
having
to
push
everyone
individually
right
yeah.
B
Is
there
a
a
zero
state
or
a
response
state
that
shows
like
grayed
out,
so
you
don't
have
the
buttons
on
the
right
to
set
as
default.
A
A
I
don't
think
anything
like
that.
I
mean
I
had
like
if
there
were
no
projects
with
custom,
push
rules
but
yeah
it's
basically.
If
sorry,
it
keeps
jumping
to
the
comment,
so
it
scrolls
down.
A
Okay,
nope
keyboard
is
dead,
but
yeah
I
just
want
to.
If
they
hit
that
all
we
want
at
least
warn
them,
like
hey
you're,
about
to
change.
Six,
you
sure
yeah,
it's
not
like
it
can't
be
recovered
like
they
can't
technically
recover.
It's
just
gonna
be
kind
of
painful
to
do
it.
B
B
A
It's
one
of
those
areas
of
the
product
where
it's
not
there's
a
lot
of
traffic
there,
so
I
would
say
it's
probably
only
our
persona
that's
going
in
there
but
yeah
I
mean
with
that
said
it's
possible,
but
I
just
I
yeah
I'm.
I.
B
B
Just
like
hey,
this
is
the
way
it
happened.
You
have
to
go
back
and
do
everything
manually
yeah
like
is
there
a
way
like
a
save
state
variable
or
a
save
profile.
A
Like
in
settings
like
when
you
like
do
this,
and
then
you
hit
save
to
yeah,
no,
I
think
it
all
it's
I
mean
currently
awaits
the
size.
It
would
take
action
right
away.
I
think
that's
definitely
something
we
want
to
be
aware
of,
like
you
said
and
open
for
feedback.
A
A
B
B
A
A
It's
almost
like
solving
for
the
wrong
problems
at
times.
So
what
mike's
challenged
me
to
do.
A
A
B
A
fracturing
of
the
persona
too
right
could
be.
Perhaps
the
persona
needs
to
be
more
refined
by
saying
persona.
A
is
this
terminal
user
who
just
does
specific
work
within
terminal,
whereas
persona
b
really
needs
that
dashboard,
because
they
don't
work
in
the
persona.
They
just
need
to
see
everything
in
a
visual,
easy
to
digest
manner,
and
so.
A
A
True,
I
do
think
there's
a
variety
of
people
that
serve
this
camera
in
the
compliance
manager
role
because
it
is
a
bit
of
a
hybrid.
You
might
have
your
like
vp
of
engineering,
be
the
person
that
manages
the
compliance
for
your
entire
organization,
which
I've
talked
to
several
people
that
are
like
that
and
they're,
not
like
writing
code
every
day.
So
they
do
want
to
use
gitlab
to
drive
those
actions.
A
B
Well
again,
that's
we
have
to
do
like
inventory
or
research
of
understanding
what
that
scope
or
what
that
percentage
is
right.
Do
we
have
90
percent
of
our
users?
Are
the
cto
or
just
doing
the
the
legal
compliance
work?
And
then
you
have
like
you
know
ten
percent
or
one
percent,
just
doing
the
everything
from
the
command
line,
or
vice
versa.
B
A
Okay,
cool
yeah.
I
think
I
still
think
our
proposal
here
is
small
enough
that
we'll
get
some
useful
learning
out
of
it.
If
it's
hot
garbage
we'll
delete
it,
and
if
it's
useful,
then
we
have
something
else
to
build
off
of.
A
A
B
A
A
I
saw
a
really
great
conversation
yesterday
with
sid
on
iterations,
and
they
were
talking
about
the
this
feature
they'd
introduced
into
like
the
merge
request
page
where
you
can
expand
and
collapse
sections
of
changes,
and
they
had
just
like
gone
in
and
replaced
certain
things,
and
then
they
learned
that
it
wasn't
easy
to
tell
the
difference
between
a
user
having
hidden
and
collapsed
something
versus
the
system
having
collapsed
something,
and
so
they
had
to
follow
up
with
something
so
that
you
could
differentiate
if
the
system
collapsed
it
or
if
the
user
had
collapsed
it
once
you
open
the
page.
A
Like
when
you,
the
problem,
you're
trying
to
solve
for
was,
people
were
missing
portions
of
the
code
because
they
were
automatically
collapsed.
A
A
section
to
be
like
hey,
there's,
hidden
code
here
and
then
users
came
back
and
said:
you've
now
increased
the
page
size
a
lot
by
adding
this
to
every
single
file
that
has
hidden
stuff
that
we've
already
collapsed
ourselves.
So,
okay,
great!
This
is
one
situation
where
we
want
to
learn
how
users
want
to
interact
with
the
data
to
better
for
what
we
do
next,
because
all
we
can
really
do
is
assume
what
they
want:
yeah
for
sure
sweet.
Well,
thanks
for
chat,
daniel
enjoy.