Persisted branch rules design concepts
🥅 Goal
This issue will hold design concepts for how we could proceed with Branch rules moving forward as a part of the Branch rules refactor in &17485.
📘 Context
What are branch rules?
- Branch rules are the guardrails that protect the most important code branches in a repository
- Rules that enforce quality standards by controlling how code can be pushed, merged, and deployed in a branch
- Security and compliance automatically built into the development workflow
GitLab Branch rules are an evolution of our former offering of Protected branches. See them at Settings > Repository > Branch rules.
Why do they matter to enterprise customers?
- Regulatory Compliance
- Automatically enforce approval workflows and create audit trails required for industry standards and compliance frameworks
- Risk Mitigation
- Prevent costly production outages and security vulnerabilities by catching issues before they reach critical systems
- Quality at Scale
- Maintain consistent code standards across hundreds of developers and repositories without manual oversight and bottlenecks
👤 Job performers
See #554196 (comment 2698832047)
Repository manager
I oversee multiple development teams in my enterprise organization. I need branch rules to maintain code quality and compliance within my organization with hundreds of repositories and developers. I need the confidence that critical systems are protected, without slowing down my developers or becoming a bottleneck in their workflow. When organizational standards shift, I need to easily update repository protections for the hundreds of repositories I manage.
Code author
I write code every day for my enterprise organization, and I need to contribute confidently without worrying about accidentally breaking production or violating company policies. I want to write code efficiently, create test environments, and debug without organizational policies blocking my workflows. I need a clear understanding of what the organization's policies are so I can effectively adhere to them.
🤝 Values of enterprise customers
See #554196 (comment 2698830930)
From analyzing the feedback we've gotten from users about GitLab's Branch rules in #554195, these are the core values that our enterprise customers care about most:
Compliance
Give users robust protection for the code that makes their business run. Investing in compliance to protect code is less risky and expensive than dealing with a critical incident.
- Enforce code quality
- Security standards
- ROI through risk reduction / prevention of unauthorized changes
Confidence
Build unshakeable trust in the system. Users who can trust a system / company with protecting their code are trusting you with a critical piece of their business success. The system should be predictable and scalable enough that users are confident about how rules and conflicts will resolve.
- Trust that settings are properly configured to maintain compliance
- Confidence in the safety nets protecting code
Scale
Make growth effortless. Enterprise organizations with hundreds of repositories and hundreds of developers should be able to manage protections with ease. Allow users to switch from other platforms by quickly setting up branch protections for hundreds of repositories. When organizational requirements change, the system should allow repository managers to easily respond and enforce compliance.
- Set up and manage hundreds of repos
- Smooth collaboration with hundreds of devs
- Security & compliance at scale
Flexibility
Give organizations governance without friction. Developers want to quickly and efficiently write compliant code without being blocked. The system should accommodate varying team needs, as sometimes teams want to quickly test and debug code without restriction. Developers need to clearly understand what branch protection rules apply to them, so they can write compliant code.
- Fast but compliant development
- Governance without friction
- Custom workflows for varying team needs
🎨 Design
Design ideas
🎨 FigJam - Branch Rules Post-MVC: Solutions Brainstorm
🎨 [WIP] Figma - #554196 Persisted branch rules design concepts
- Migration idea
- Settings idea
- Most restrictive system
- Most specific name match system
Core areas of interest
- Inheritance (across groups, subgroups, projects)
- Rule conflicts (what rules take precedence if a branch matches multiple rules)
- Wildcard / regex support
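To make the two conflict-resolution ideas above ("most restrictive" and "most specific name match") concrete against the three core areas (inheritance, rule conflicts, wildcard support), here is an added toy resolver. It is a constructed example written for this issue, not GitLab's implementation: the access-level scale, the rule shape, the tie-break (group rules win ties under most-specific) and the wildcard semantics (`*` matches any run of characters, everything else literal) are all assumptions.

```python
"""Hypothetical branch-rule resolver: wildcard matching, group->project
inheritance and two conflict-resolution strategies (constructed example,
not GitLab's code)."""
import re
from dataclasses import dataclass

# Access levels: a lower number is the more restrictive setting (assumed scale).
NO_ONE, DEVELOPER, MAINTAINER = 0, 30, 40


@dataclass(frozen=True)
class BranchRule:
    pattern: str             # branch name or wildcard, e.g. "main", "release/*"
    push: int                # minimum access level allowed to push
    merge: int               # minimum access level allowed to merge
    force_push: bool = False
    source: str = "project"  # "group" (inherited) or "project" (local)


def pattern_to_regex(pattern: str) -> re.Pattern:
    """'*' matches any run of characters; everything else is literal (assumption)."""
    return re.compile("^" + ".*".join(re.escape(p) for p in pattern.split("*")) + "$")


def matching_rules(branch: str, rules: list) -> list:
    """All rules whose pattern matches the branch, in declaration order."""
    return [r for r in rules if pattern_to_regex(r.pattern).match(branch)]


def specificity(pattern: str) -> int:
    """More literal characters = more specific: 'release/hotfix-*' beats 'release/*'."""
    return len(pattern.replace("*", ""))


def resolve_most_specific(branch: str, rules: list):
    """Single winner: the most specific matching pattern; group rules win ties."""
    matches = matching_rules(branch, rules)
    if not matches:
        return None
    return max(matches, key=lambda r: (specificity(r.pattern), r.source == "group"))


def resolve_most_restrictive(branch: str, rules: list):
    """Merged result: every matching rule contributes and the tightest setting wins,
    so an inherited group rule can never be loosened by a project rule."""
    matches = matching_rules(branch, rules)
    if not matches:
        return None
    return BranchRule(
        pattern=" & ".join(r.pattern for r in matches),
        push=min(r.push for r in matches),
        merge=min(r.merge for r in matches),
        force_push=all(r.force_push for r in matches),
        source="merged",
    )


# Constructed sample: one inherited group rule and two project-level rules.
RULES = [
    BranchRule("release/*", push=NO_ONE, merge=MAINTAINER, source="group"),
    BranchRule("*", push=DEVELOPER, merge=DEVELOPER, force_push=True),
    BranchRule("release/hotfix-*", push=DEVELOPER, merge=MAINTAINER),
]


def effective(branch: str, rules: list = RULES) -> dict:
    """Summarise what each strategy yields for a branch, so a code author can see
    which rules matched and where the two systems disagree."""
    def summary(rule):
        return None if rule is None else (rule.pattern, rule.push, rule.merge, rule.force_push)

    return {
        "matched": [r.pattern for r in matching_rules(branch, rules)],
        "most_specific": summary(resolve_most_specific(branch, rules)),
        "most_restrictive": summary(resolve_most_restrictive(branch, rules)),
    }


if __name__ == "__main__":
    for b in ["main", "release/1.0", "release/hotfix-42"]:
        print(b, effective(b))
```

For `release/hotfix-42` the two systems disagree: most-specific lets the project's `release/hotfix-*` rule win and reopens push to developers, while most-restrictive keeps the group's `release/*` push floor (no one) but, because the project's `*` default allows developer merges, also lowers the merge level. That asymmetry is exactly the predictability question the Confidence and Scale values above raise, and the `matched` list is the kind of explanation a code author would need to understand which rule applies to them.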
✅ Completion checklist
After the concepts are created, they will undergo several feedback loops and iteration to increase confidence in the solution, and make sure we are solving the most important user needs.