Project settings: add 'Packages' visibility setting (!82808) · Merge requests · GitLab.org / GitLab

Jonas Wälter requested to merge siemens/gitlab:public-packages into master Mar 14, 2022

Situation

With the GitLab Package Registry, you can use GitLab as a private or public registry for a variety of supported package managers. The visibility of the Package Registry depends on the project visibility: Packages are only accessible to all (anonymous), if the project itself is public. In the project settings, you can enable/disable the Package Registry but you can't configure the visibility.

📄 Documentation: Package Registry visibility permissions

Proposal

Let's allow to have public visibility in private/internal projects. So let's add packages visiblity settings on project-level.

What does this MR do and why?

This MR adds a Packages visibility setting to the project settings (General > Visibility, project features, permissions). The MR does NOT implement the handling of this setting for the different package types (e.g. Composer, Conan, Maven, npm, ...). Thus, the new visibility setting is behind the new package_registry_access_level feature flag. Several follow-up MRs are needed to implement the handling for the different package types.

➡ Implementation plan

🛠 with ❤ at Siemens

/cc @bufferoverflow

Screenshots

Project settings: before	Project settings: after (`package_registry_access_level` feature flag enabled)

How to set up and validate locally

Enable the feature flag

Feature.enable(:package_registry_access_level)

In a project, go to Settings > General > Visibility, project features, permissions.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Apr 21, 2022 by Jonas Wälter

Project settings: add 'Packages' visibility setting