
Add the ability to mark artifacts in Package/Container registries as protected

Problem to solve

Currently we use Artifactory to store our Maven dependencies, and we would like to migrate to GitLab for this purpose. However, there is no ability to protect certain packages, meaning that anyone who is a member of a project can delete released packages, causing build issues and forcing us to rebuild the package and upload it back into the Maven repo. Likewise, this is also the case for the container registry, where anyone who is a member of the project is able to modify all existing Docker containers.

Proposal

We should be able to mark packages or containers as 'protected', similar to how we can mark branches in the project's Git repo. This would mean that if a package/container is marked as protected, only maintainers are permissioned to modify it. If a package/container is not marked as protected, anyone in the project should be permissioned to modify it.

User experience goal

  • As a Developer, if an existing artifact is marked as protected, I should not be able to modify the package/container
  • As a Developer, if an existing artifact is not marked as protected, I should be able to modify the package/container
  • As a Maintainer, if an existing artifact is marked as protected, I should have the ability to modify the package/container

Further details

Adding permissions to the packages allows maintainers a greater level of control over who has access and ensures a level of protection around artifacts that have been released.

~"group::package" devopspackage feature

Edited by Philip Bradshaw