[go: up one dir, main page]

Backend requirements for MR Approval settings.

Problem to solve

Add back-end support to scope MR approval settings to compliance framework.

Proposal

Record Compliance MR approval

  • Create model and DB tables
  • Create form on front-end
  • Connect save action

Interpret Project-level MR approval settings

  • Provide public interface on Project model to interpret applied MR approval settings
    • Check for compliance attribute
    • If applicable, retrieve settings from compliance_mr_approval_rules_settings table
    • If not, use settings on projects table
  • Put these changes under a feature flag

Considerations

Two possible implementations: read-optimize and write-optimize

Read-optimize

graph LR
  a[change] --> b("Instance-level") --> c["bulk update"] --> d("Project-level")

Pros:

  • Less complex logic when inferring project-level setting

Cons:

  • Complex write logic with background job (e.g. schedule, retry)
  • Deal with potential race condition
  • Require audit tracking on individual project updates
  • Require extra triggers on other actions (e.g. when assign compliance labels)

Write-optimize

graph LR
  a[read] --> b("Project-level") --> c[query] --> d("Instance-level")

Pros:

  • Simpler logic on instance-level update

Cons:

  • Complex read logic (i.e. need to query different tables to resolve the correct rules)
  • Might require application cache if queries are too expensive

For this proposal, I have decided to go with the write-optimize path given its complexity is less than the other. While I think this is a nice middle ground, the design around approval rules model and its complex cascading rules is overdue for a re-assessment. As we introduce more layer of checks upon our query path, the application performance suffers.

Open questions

  • MR Approvals Rules should be extracted to its own entity. This requires major overhaul across application and DB (application_settings and projects table).
  • Compliance is just a scope/container/namespace concept to approval rules. In theory, can we visualise this as directory tree?
application
|-- compliance
|    |-- group 
|    |    |-- project
|    |    |    |--

Placeholder, Issue description to come. See comments history here. &3432 (comment 350782501)

Edited by Tan Le