Introduce a maintainer access level on job artifacts

Dmytro Biryukovrequested to merge
add_maintainer_for_artifacts_access_mr-454398 into master

Related: #454398 (closed)

What does this MR do and why?

In GitLab 16.11, we introduced the concept of artifacts:access.

This MR introduces a new Maintainer+ level access restriction for Ci::JobArtifacts and Ci::Build on .gitlab-ci.yml artifacts: access level definition.

References

Screenshots or screen recordings

Before (developer user) After (developer user)
image image

How to set up and validate locally

  1. Add a test project
  2. Invite a developer user to the project
  3. Invite a maintainer user to the project
  4. Create a test .gitlab-ci.yml 
rspec:
  script:
    - echo "<xml>" > rspec.xml
  artifacts:
    access: maintainer
    reports:
      junit: rspec.xml

In the pipeline, verify that artifacts are available to Maintainers and unavailable to Developers and Guests and all other non-developer roles.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Dmytro Biryukov

Merge request reports