Reconsider GitLab Pages default access level
By default we make pages private on project creation if project is private even if access control is disabled on the instance.
The idea behind current access level is:
- you have instance without access control enabled
- someone creates private project without pages
- you enable access control for instance
- user deploys pages in the project created before
- this results in private project having public pages even though pages were deployed after access control was enabled
But this logic causes a lot of problems:
- when you enable access control a lot of previous public pages sites can become private
- things like #263305 (comment 531799576)
I see 2 options:
- just consider pages public if access control is not enabled
- use
null
as the default value and then follow the visibility of the project - this can be much harder to implement and cause new bugs
Note
Pages will be public by default (if access control is not enabled) for all new projects.
We will not change the default for existing projects
Edited by Orit Golowinski