Option to make variables protected by default
Problem to solve
From a security standpoint it makes sense to be as restrictive as possible. Being able to set the default value to on
on a GitLab instance allows for more secure defaults, if desired.
Further details
As per https://gitlab.com/gitlab-org/gitlab-ce/issues/42928 the default was set to off
. Providing an option to configure this as an admin would provide the option to change this default.
Proposal
I'd like to propose a configuration setting for the admin in the section Continuous Integration and Deployment
to change the default.
What does success look like, and how can we measure that?
Links / references
Edited by Mark Fletcher