Skip to content

Protected Tags

What

Protected tags feature, similar to protected branches

Prevents tag deletion and force pushing for everyone, and uses access levels (Masters, Developers + Masters, or No one) to control who can create tags. Supports wildcard matching.

Why

To give project admins control over who can create/update/delete tags. Especially useful when tags are used to trigger deploys or official releases.

Questions

  • Should users be able to update protected tag ‘release notes’?
  • UX: Should tags index have link similar to Protected branches can be managed in project_settings_link.

Documentation preview

https://gitlab.com/gitlab-org/gitlab-ce/blob/18471-restrict-tag-pushes-protected-tags/doc/user/project/protected_tags.md

Screenshots

Settings

Protected Tags Settings

Over git

Protected Tags Over Git

Project tags

These have the delete button disabled and a Protected label

Tags Index Tags Show
Tags index with labels and disabled delete buttons Protected Tags Show Page

ProtectedTags#show

Tags Matching Protection Wildcard

Todos

  • Changelog entry added, if necessary
  • Tests added for this feature/bug
  • EE Merge request
  • Change restriction on force pushing to restriction on update in line with current git behaviour
  • Double check API access

Follow up tasks

Relevant issues

Closes #18471 (closed)

Merge request reports