Backend: Opt-out of the cache segregation by protected ref status default behavior

Problem

With the recent change to use a suffix on the cache key determined by the protected status, some customer's workflows are broken because their workflow relies on a shared cache for both protected and non-protected branches.

Related issue(s):

#360910

Proposal

Allow users to configure an opt-out of the cache segregation by protected ref status in the .gitlab-ci.yml file.

using the suggested syntax which adds unprotect: key

job1:
  script:
    - echo
  cache:
    key: "$CI_COMMIT_REF_SLUG"
    paths:
      - binaries/
    unprotect: true # Uses the `non_protected` suffix in all cases

Implementation Details

{placeholder for details}

https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1551#note_936736450
https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1551#note_938122991

Edited Jul 05, 2022 by Mark Nuzzo