Skip to content

Cascade package forward settings from admin area to group

Problem to solve

Users want to be able to have more control over their package forwarding settings, especially when the settings occur at different levels (instance, namespace, project). There should be rules about how settings are inherited and overwritten, and how changes can cascade down.

Currently, we have instance-level settings to turn on and off package forwarding for PyPI and npm, and soon to include maven.

  • Forwarding means when a package is not found in the GitLab package registry that the package is requested from an external public registry
  • This feature is enabled by default, meaning it is currently not possible to disable it if you're a SaaS customer
  • Some customers would not like this feature to be turned on because pulling from a public registry can introduce unexpected problems (the package is not frozen in time, it can change)
  • Some customers would not like this feature to be turned on because pulling from a public registry can expose them to security problems

Proposal and logic

Figma

See designs below

  • Add UI copy on admin package forward settings to explain that the setting can be overridden at the group level
  • Surface the setting at the group level. The group setting will show what has been set at the admin level.
  • Surface the setting at the sub-group level, the sub-group will show was has been set at the parent group level.
  • When the setting is overridden, it will never follow the parent setting again
  • If a setting has not been overridden, it will follow the parent setting
  • User namespace will adhere to admin settings

Example:

  1. Admin setting is allow forwarding
  • Admin setting:
  • All groups:
  1. Admin setting is changed do not allow forwarding
  • Admin setting:
  • All groups:
  1. Group A overrides setting to allow forwarding. Group A has a subgroup, sub-group A
  • Admin setting:
  • Group A:
  • Group A/sub-group A:
  • All other groups:
  1. Admin setting is changed to allow forwarding
  • Admin setting:
  • Group A:
  • Group A/sub-group A:
  • All other groups:
  1. Admin setting is changed do not allow forwarding
  • Admin setting:
  • Group A:
  • Group A/sub-group A:
  • All other groups:

Implementation plan

Blocked by #360267 (closed)

  1. Add additional form fields, sub-header & description to _ee_package_registry.haml file. Dependent on additional backend fields for "maven" support & supporting update on the field. Maven field added here Maven request forwarding (!85299 - merged)
  2. Add Package forwarding section to group settings
    1. Render form fields (checkboxes).
    2. Render "Save changes" button & handle action.
  3. Add GraphQL query to get/update settings
Edited by Rahul Chanila