Feature parity: `artifacts:public` support for SaaS customers
## Summary `artifacts:public` is only supported for self-managed customers; this feature needs to also be enabled for SaaS customers. However the initial implementation > is not implemented in a way it would be safe to enable it in production, and even if this would work without a major performance degradation it would hinder our progress on various CI/CD initiatives around extending our database capacity. Using `artifacts:public` in `.gitlab-ci.yml` and setting it to `public: false` should deny access to download artifacts (only `job_artifacts_archive`/`archive.zip`) to guests and anonymous users of public projects even if pipelines are public. This allows users to specify artifacts that are needed for the pipeline but are not fit for public consumption (for instance, intermediary build artifacts or artifacts containing sensitive information). ### Why this matters and how we measure <!-- What is the value to the customer or our business? Does this align with our OKRs? If we need to create or update existing instrumentation, please note here. --> This falls under Advanced Security and Compliance. Our current roles and permissions allow non-members access to public projects/pipeline artifacts, but there are no settings/controls to limit this access. ## Proposal <!-- Try to keep the proposal limited in scope. Plan for iterations, create follow up issues as required and add them as related. --> ## Performance Considerations <!-- Performance concerns to be aware of and monitor when implementing the issue.--> ## Out of Scope <!-- Include this section for specific use cases that are out of scope / out of bounds for this specific issue. --> ## Acceptance Criteria <!-- This needs to be true or demonstrable to consider this specific issue complete. Keep this dependent on other issues when possible --> ## Additional details <!-- _NOTE: If the issue has addressed all of these questions, this separate section can be removed._ --> Some relevant technical details, if applicable, such as: - Does this need a gitlab~7884237? - Does there need to be an associated gitlab~15980522 issue created related to this work? - Is there an example response showing the data structure that should be returned (new endpoints only)? - What permissions should be used? - Which tier(s) is this for? - [ ] gitlab~3207279 - [ ] gitlab~2278657 - [x] gitlab~19953071 - Additional comments: ## Implementation Table <!-- _NOTE: Use this to indicate all dependent issues related to this one which are required for launch._ --> | Group | Issue Link | | ------ | ------ | | gitlab~2492649 | :point_left: You are here | | gitlab~3412464 | [Issue Title](url) | | gitlab~2278655 | [Issue Title](url) | | Instrumentation | [Issue Title](url) | <!-- ## Documentation _NOTE: This section is optional, but can be used for easy access to any relevant documentation URLs._ --> ## Links/References
epic