Access Control for Auto DevOps (review apps default to private)
Problem to solve
Review apps (and sometimes production apps) would benefit from being "private" so that only users from the gitlab group can view them.
Target audience
Further details
Proposal
If we were able to use GitLab OAuth to authorize access to review apps this would be ideal. Alternatively we could consider IP whitelisting or basic auth (maybe basic auth URL is already displayed in UI so clicking through via gitlab is how you authenticate).
What does success look like, and how can we measure that?
Links / references
From slack conversation https://gitlab.slack.com/archives/C0NFPSFA8/p1549660350939100?thread_ts=1549654769.927300&cid=C0NFPSFA8