►
From YouTube: How might we simplify settings inheritance?
Description
Two GitLab designers discuss how different settings are inherited through groups and projects.
B
Yeah,
so
I
actually,
she
just
passed
this
issue
off
to
me
yesterday
in
our
one-on-one,
so
I
haven't
had
a
full
chance
to
understand
the
scope
apart
from,
if
we
think
about
how
settings
work
in
our
organization,
a
lot
of
them
are
based
specifically
at
the
object
they're
associated
to
not
in
an
organizational
inherited
model.
So
I
can
have
five
different
projects
that
have
different
behaviors,
despite
all
being
within
the
same
group,
for
no
particular
reason
so,
for
example,
like
project
deletion.
A
B
Owner
or
maintainer
of
content
within
my
group,
I
should
be
able
to
remove
or
delete
projects
or
assign
a
behavior
that's
standard
across
all
of
my
projects
within
my
group.
So
if
I
wanted
to
say,
for
example,
I
know
I'm
going
to
automatically
delete
a
project,
I
don't
need
them
to
sit
in
a
delayed
status
for.
A
A
Yeah,
that
makes
sense
yeah.
The
issue
that
you
commented
on
for
us
was
the
one
where
we
were
essentially
creating
an
avenue
for
an
administrator
or
a
group
owner
to
push
down
their
push
rules
onto
their
groups
or
sorry
their
projects
that
have
already
existed
at
least
with
push
rules
when
you
have
defined
them
and
configure
them
at
a
group
level,
they
will
be
inherited
if
it's
a
new
project,
but
the
old
ones
don't
inherit
it.
That
probably,
is
to
prevent
some
things
from
breaking.
A
So
our
thought
was,
let's
start
with
something
pretty
small
by
just
giving
them
an
opportunity
to
see
which
ones
are
using
different
settings
and
then
see
how
they
would
want
to
move
from
there
in
terms
of
enforcing
that.
But
what
were
you
envisioning
doing
for
the
delayed
project
setting?
I
know
from
my
experience
I
believe,
when
it's
set
at
the
group
level.
A
B
And
so
I
think
the
idea
being
is
that
that
it
would
just
kind
of
force
it
from
the
top
down
and
not
have
that
sort
of
flexibility
or
freedom
at
that
point.
So
if
you
want
to
enable
the
flexibility,
you
then
would
disable
that
at
the
primary
level
at
the
group
by
saying,
allow
people
to
do
whatever
they
want
at
the
object
level
and
then
at
the
top
level.
You
could
just
say
this:
is
the
default
behavior
and
enforce
it
across
the
entire
organization.
B
So
it's
one
point
of
contact
where
they,
the
admin
would
make
that
determination.
If
they
need
that
flexibility
or
not,
and
if
not,
then
the
flexibility
is
open
to
whatever
they
want
to
do,
and
that's
sort
of
the
kind
of
initial
rough
draft
thought
of
it,
which
makes
tons
of
sense.
It's
like
okay,
well
yeah.
Why
hasn't
it
been
this
way
before,
where
you
have
one
simple
toggle,
so
to
speak,
or
a
setting
that
says,
enforce
this
globally
or
do
not
and
allow
enforcement
locally.
A
Yeah,
I
think
one
way
we
were
considering
helping
these
administrators
specify
the
granularity
of
who
they
want
to
inherit.
These
settings
was
by
continuing
to
evolve
the
compliance
frameworks,
so
there's
an
issue
to
introduce
the
ability
to
mark
a
compliance
framework
as
open
or
customizable
versus
a
regulated
one,
and
then
I
think
the
theory
that
we
want
to
introduce
over
time
is,
if
it's
a
regulated
compliance
framework,
you
can
force
the
projects
that
have
that
association
to
inherit
its
parent
settings
when
it's
not
something
that's
normally
inherited.
A
A
A
So
the
way
they
introduced
their
mvc
for
inheritance
was
they
have
this
little
toggle
here,
essentially,
where
you
can
say,
okay
default
settings
are
inherited
from
the
instance
level,
but
we
want
to
use
custom
settings
so
you're
basically
saying
we're
going
to
divert
from
what
has
been
set
or
you
can
go
back
to
using
whatever
set
at
your
instance
level
and
it
locks
everything
down.
So
they
give
the
approach
of
we're
going
to
box
you
in.
But
if
you
want
to
unbox
yourself,
you
can.
B
See
I'm
looking
at
this
and
I
think
okay,
this
might
have
security
concerns
where,
if
someone
not
at
the
admin
level
says,
I
want
to
change
this
because
it's
my
project,
I
want
to
do
this.
The
way
I
want
I
was
like
well,
no
you're
part
of
the
organization
or
this
project
is
part
of
the
organization
that
needs
to
maintain
compliance
standards.
It
has
to
maintain
backup
security.
You
know
redundancy
to
make
sure
things
are
protected,
and
so
this
looks
like
too
much
flexibility
unless
I'm
not
understanding
or
misinterpreting
where
this
exists.
A
At
the
group
level,
I
think
you're
right,
that's
the
tricky
thing
about
the
inheritance
with
settings
and
like
enforcing
things
is
some
things
inherently
are
not
something
that
we
really
are
so
tied
to
in
terms
of
security,
compliance
like
giving
teams
the
flexibility
to
customize
their
jira,
that's
probably
necessary,
like
not
every
project's
going
to
use
the
same
jira
project
but,
like
you
said,
like
enforcing
a
soft
delay.
That
might
be
something
that
the
whole
company
wants
to
have,
and
they
don't
want
to
get
the
option
to
opt
out
of
it.
They
just
like.
B
B
I
think
if
we
do
like
a
categorization,
if
we
think
about
what
settings
or
features
our
actual
security
concerns
versus
like
it,
doesn't
really
matter
what
the
project
level
does,
if
they
do
that,
like
I
just
use
an
example
like
renaming
it,
I
don't
think
there's
a
strong
change
or
reason
to
restrict
something,
but
that's
something
we
can
definitely
get
feedback
on
right.
So,
like
say
what
are
the
top
five
things
that
should
be
100
lock
down?
A
A
B
Owner
what
do
you
want
whenever
you
think
about
secure
settings
that
should
exist
inherited
across
your
organization
or
settings
that
you
don't
care
about?
So
we
perhaps
we
can
come
up
with
a
little
research
proposal
with
anna
to
try
and
come
up
with
a
mailer
for
that,
because
I
don't
think
we
need
real.
Like
interaction,
I
mean
honestly,
like
our
top
five.
A
Yeah
I
mean
it'd,
be
a
cool
card,
sorting
activity
if
we
just
like
kind
of
audited
our
settings
as
they
are
today
and
kind
of
group
them
into
different
categories
to
show
like
these
are
inherited
with
all
projects.
These
can
be.
If
you
do
this
method,
these
are
you
know.
The
wild
west
autodevops
is
another
example
where
they
have
their
version
of
inheritance,
where
it's
telling
you
where
it's
coming
from,
and
then
you
can
checkbox
it
and
say
we
want
projects
to
default.
A
A
Yeah,
I
can't
remember
exactly
who's.
Does
the
auto
devops
portion,
but
yeah
we
could
just
kind
of
be
bop
brown.
Obviously
we
just
share
it
in
the
ux
co-working
space,
I'm
sure
they
would
speak
up
for
themselves
and
yeah.
We
could
just
kind
of
get
started
on
mura
or
something
it's
the
areas
that
we
already
have
on
top
of
our
heads,
like,
I
can
think
of
all
the
ones
that
compliance
is
concerned
about,
like
protected
branches,
merge,
request,
approvals,
push
rules
and
I
could
categorize
the
ones
that
I
know
like
what
else.
B
A
A
B
Let
me
read
the
job
to
be
done
here,
just
for
the
video.
So
when
I
have
configured
push
rules
at
the
group
level,
I
want
a
single
action
that
applies
those
rules
to
all
existing
projects,
so
that
my
entire
namespace
is
brought
into
compliance
with
these
push
rules
without
me
having
to
manually,
update
every
single
subgroup
and
project,
and
that's.
B
A
A
A
B
B
A
B
B
A
A
A
B
B
A
A
A
B
A
fracturing
of
the
persona
too
right
could
be.
Perhaps
the
persona
needs
to
be
more
refined
by
saying
persona.
A
is
this
terminal
user
who
just
does
specific
work
within
terminal,
whereas
persona
b
really
needs
that
dashboard,
because
they
don't
work
in
the
persona.
They
just
need
to
see
everything
in
a
visual,
easy
to
digest
manner,
and
so.
A
A
True,
I
do
think
there's
a
variety
of
people
that
serve
this
camera
in
the
compliance
manager
role
because
it
is
a
bit
of
a
hybrid.
You
might
have
your
like
vp
of
engineering,
be
the
person
that
manages
the
compliance
for
your
entire
organization,
which
I've
talked
to
several
people
that
are
like
that
and
they're,
not
like
writing
code
every
day.
So
they
do
want
to
use
gitlab
to
drive
those
actions.
A
B
Well
again,
that's
we
have
to
do
like
inventory
or
research
of
understanding
what
that
scope
or
what
that
percentage
is
right.
Do
we
have
90
percent
of
our
users?
Are
the
cto
or
just
doing
the
the
legal
compliance
work?
And
then
you
have
like
you
know
ten
percent
or
one
percent,
just
doing
the
everything
from
the
command
line,
or
vice
versa.
B
A
A
A
B
A
A
A
section
to
be
like
hey,
there's,
hidden
code
here
and
then
users
came
back
and
said:
you've
now
increased
the
page
size
a
lot
by
adding
this
to
every
single
file
that
has
hidden
stuff
that
we've
already
collapsed
ourselves.
So,
okay,
great!
This
is
one
situation
where
we
want
to
learn
how
users
want
to
interact
with
the
data
to
better
for
what
we
do
next,
because
all
we
can
really
do
is
assume
what
they
want:
yeah
for
sure
sweet.
Well,
thanks
for
chat,
daniel
enjoy.