Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Customizable default project configuration #21050

Open
ilsaloving opened this issue Oct 15, 2024 · 2 comments
Open

Customizable default project configuration #21050

ilsaloving opened this issue Oct 15, 2024 · 2 comments
Labels
backlog kind/requirement New feature or idea on top of harbor needs/design

Comments

@ilsaloving
Copy link

Is your feature request related to a problem? Please describe.
A user new to the system may not fully understand some of the project configuration settings, or perhaps the server owner wants to enforce specific settings. Currently, if you want to control access to project settings, the only option is to restrict project creation to the admin, which would be an unreasonable burden for a multi-user system.

Describe the solution you'd like
Each (or at least, most) project configuration settings should allow for the admin to set the default (eg: projects are private by default), and should also have an admin lock setting (ie: a user cannot modify the setting). If a user wants a locked setting to be modified, they will have to ask an admin to override it.
This way an admin can say, for example:
-All projects must be private (locked)
-projects have vuln scanning enabled by default

Describe the main design/architecture of your solution
There would be a copy of the Project Configuration screen under Administration, labeled Project Defaults. Each field would have a lock (Except maybe the CVE one. Not sure what to do with that one.), which is clickable.
Here is a slapped together mockup:

image

Describe the development plan you've considered
I am not familiar with the code so I don't know what to add here.

Additional context
Add any other context or screenshots about the feature request here.
@Vad1mo Vad1mo added the kind/requirement New feature or idea on top of harbor label Oct 15, 2024
@wy65701436
Copy link
Contributor

Let me clarify my understanding: Do you want Harbor to have project default settings for the system admin, functioning as a template? This would mean that every user can only create a project based on this template, and any changes would require a request for system admin approval.

@ilsaloving
Copy link
Author

It would be like a template, yes, but unless a specific setting was locked by the admin, then the user can change it after project creation. For example, maybe there is a policy that all projects must be private, so the admin locks that setting. A project creator can configure their project however they want, except that they cannot make it public.

Have you ever administered Gitlab? That would be a perfect example of what I'm talking about.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlog kind/requirement New feature or idea on top of harbor needs/design
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Vad1mo @reasonerjt @wy65701436 @ilsaloving