►
From YouTube: Leveraging GitLabForm for Compliance
Description
Projects Used for Demo:
https://github.com/egnyte/gitlabform
https://gitlab.com/poffey21/gitlab-form
https://gitlab.com/gitlab-gold/tpoffenbarger/gitlab-form
A
Hi
everyone,
my
name,
is
tim
boffenberger
and
I'm
a
solutions
arc
architect
with
git
lab
and
wanted
to
spend
some
time
talking
through
a
tool
called
get
lab
form.
A
It's
based
on
an
open
source
project
and
I've
been
spending
a
little
bit
of
time
with
it
to
make
it
more
friendly,
with
our
ultimate
offering,
essentially
the
the
gist
of
what
of
what
gitlab
form
does
for
you
is
given
a
config.yaml
file.
A
A
Even
you
know,
managed
licenses
that
you
want
approved
or
denied,
and
then
you
can
also
have
project
settings
where
you
have
very
specific
things
and
with
this
yaml
file,
which
is,
in
my
opinion,
pretty
easy
to
read,
flows
nicely
with
how
we
do
approvals
today
or
manage
our
settings
today.
A
You
can
leverage
gitlab
to
to
kick
this
pipeline
off,
and
here
I'm
just
using
a
template.
So
let
me
show
you
what
that
template
looks
like
it's
pretty
simple
we're
really
just
executing
the
scalab
form.
All
defined
is
going
to
specify
that
everything
that's
defined
within
this
config.yaml
file
is
going
to
be
applied.
A
So
so,
let's
take
a
look
at
what
this
might
look
like
today,
so
I
have
a.
I
have
a
top
level
group
and
I
want
all
these
projects
to
kind
of
fit
a
certain
type
of
mold.
So
I
just
created
this
brand
new
billing
api
and
you
can
actually
see
when
I'm
in
this
billing
api
there's.
No,
you
know
code
owners
file
which
might
be
problematic.
A
If
I
go
to
general
and
merge
requests
approvals,
it
doesn't
look
like
there's
any
approvals
set
up
again.
You
know
kind
of
a
red
flag
and
what
git
lab
form
allows
us
to
do
is
if
I
head
over
to
my
farmer
in
the
sky
project.
A
A
And
a
few
things
to
note
what
it's
going
to
do
is
it's
actually
going
to
leverage
our
ci
environment
variables,
so
this
ci
project,
namespace
of
the
farmer
in
the
site
sky
group,
which
would
be
get
lab
gold,
t,
poff
and
barger
get
lab
form.
A
So
it's
going
to
leverage
that
and
it's
going
to
add
that
as
its
default
group.
Additionally,
we
also
have
this
project
settings,
so
this
particular
project,
the
this
farmer
in
the
sky.
I
want
specific
settings
for
this
config.yaml,
so
that
coffee21
me
is
always
a
part
of
the
merge
request
approvals
process
and
you
can
see
that
it's
it's
looking
at
that
top
level
group.
It's
looking
at
all
the
different
applications
within
that
top
level
group.
One
thing
to
note
is
all
defined
can
be
customized.
A
A
Sorry
about
that
gitlab
form
finance
billing
api,
and
if
we
pull
up
these
general
settings
again,
we
can
actually
see
that
the
merge
request
approvals
process
was
updated.
Great
license,
check,
vulnerability,
check
are
all
in
place
now.
We
also
added
this
default
approvers
rule
generated
by
gitlab
form,
and
then
we
can
also
see
that
there's
a
code
owner's
file
in
here,
which
is
great
because
now
we
can,
we
can
manage
not
only
settings
but
also
particular
files
that
we
want
to
exist
in
here.
A
Taking
this
one
step
further
I'd
like
to
propose.
So
let's
say
that
I
have
this
new
happened
and
if
I
drill
into
my
settings
merge
request
approval
process,
and
I
I
decide
that
I
actually
want
my.
I
want
to
allow
overrides
to
approval
lists
for
them
for
the
merge
request.
My
proposal
here
is
that,
rather
than
making
the
save
changes
reflective
of
this
change,
we
could
just
simply
have
this
dynamically
generate
a
merge
request,
so
upon
click
it
automatically
opens
up
a
merge
request
for
this
farmer
in
the
sky.
A
Sets
it
in
draft
mode.
You
know,
modify
approval
rules
for
my
new
app.
If
I
save
those
changes
and
we
look
at
the
changes
that
were
applied,
we
actually
see
that
it
just
took
this
my
new
app
and
then
merge
request
approvals
and
then
added
that
rule
in
place
seems
like
a
a
kind
of
a
quick
iterative
way
to
to
deal
with
some
of
our
compliance
needs.
A
You
know,
and
it
leans
into
the
unique
ways
that
get
lab
leverages
code
to
manage
all
the
things
thanks
for
your
time,
get
lab
form
is
is
a
great
product
again,
I
I'm
borrowing
it
from
another
from
another
team
that
built
this,
and
I
added
a
few
things
that
I
hope
to
incorporate
back
into
the
the
main
project.