Allow pipelines to be deleted by project owners (#41875) · Issues · GitLab.org / GitLab FOSS

Allow pipelines to be deleted by project owners

Problem to Solve

There are a number of valid use cases where deleting a pipeline makes sense.

Playing around with configuration on a new pipeline resulting in a high number of builds over a short period
Perhaps had AutoDevOps or other feature turned on on a project where it wasn't working for some time
Leak of confidential or otherwise sensitive data that must be purged

In these cases, having the logs around doesn't add value and you don't want all those tries to be in your history/statistics forever.

There are also, however, risks associated with deleting a pipeline. Important data could be deleted unintentionally, or even maliciously hidden.

Proposal

What we propose for the first iteration of this feature is adding a DELETE verb to the pipeline API endpoint:

DELETE /projects/:id/pipelines/:pipeline_id

The following implementation details are important:

Performing this action should require project owner authorization.
The action of deleting the pipeline should log the ID and person who did it

Important Considerations

We will not provide a web-based version of this feature for the initial iteration, but can consider doing so in the future.
Deleting a pipeline will automatically delete all child objects associated with that pipeline (jobs, etc.)

Documentation

We should add new documentation to the pipeline API page (https://docs.gitlab.com/ee/api/pipelines.html) that describes how to use the new delete method.

Links / references

### Problem to Solve

There are a number of valid use cases where deleting a pipeline makes sense.

- Playing around with configuration on a new pipeline resulting in a high number of builds over a short period
- Perhaps had AutoDevOps or other feature turned on on a project where it wasn't working for some time
- Leak of confidential or otherwise sensitive data that must be purged

In these cases, having the logs around doesn't add value and you don't want all those tries to be in your history/statistics forever.

There are also, however, risks associated with deleting a pipeline. Important data could be deleted unintentionally, or even maliciously hidden.

### Proposal

What we propose for the first iteration of this feature is adding a DELETE verb to the pipeline API endpoint:

```
DELETE /projects/:id/pipelines/:pipeline_id
```

The following implementation details are important:

- Performing this action should require project owner authorization.
- The action of deleting the pipeline should log the ID and person who did it

### Important Considerations

- We will not provide a web-based version of this feature for the initial iteration, but can consider doing so in the future.
- Deleting a pipeline will automatically delete all child objects associated with that pipeline (jobs, etc.)

### Documentation

- We should add new documentation to the pipeline API page (https://docs.gitlab.com/ee/api/pipelines.html) that describes how to use the new delete method.

### Links / references

Edited Nov 09, 2018 by Jason Yavorska

Discussion
Designs