Restrict container images used in pipelines to images on the specific registries

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Proposal

Currently, we can specify any image on any registry in the CI/CD configuration file (.gitlab-ci.yml).

There is a need for customers (admins for self-managed instances) to restrict Docker image pulls to specific registries, such as the customer's private registry.

For example, by specifying the domain of container registries in instance-level or group-level settings, users can run a CI/CD job using any image in these registries, but not an image in registries not listed there.

Customer request (internal): https://gitlab.zendesk.com/agent/tickets/515962