Allow administrators control over Pages usage
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Problem to solve
GitLab pages allows arbitrary users to post arbitrary content on web property controlled by the site administrator. This can make some administrators nervous.
Intended users
Open source projects.
Further details
GitLab's Pages feature can be very useful as it can simplify the deployment process for web assets. This can be very appealing to open source projects (e.g. the Haskell installation, gitlab-ce#55039), who generally want to focus on things other than the deployment of their website.
However, GitLab instances which host FOSS projects are typically open to public sign-ups. Enabling Pages in this case would mean that arbitrary users (e.g. spammers) could post content on a domain controlled by the project.
Proposal
Allow the site administrator to grant the ability to enable Pages to only a subset of site users. This might be accomplished by introducing a magic "Pages users" group. Members of this group would be able to enable Pages on projects that they control.
What does success look like, and how can we measure that?
Users can enable Pages on a public GitLab instance without fear that their web property will be abused.
Links / references
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.