Skip to content

Protected containers: Badge "protected" in container registry list

In previous issues the possibility was added to protected containers from push and delete, e.g. #427546, #406797, etc.

Given this new possibility, we need to make sure that users are able to easily identify protected containers in the different pages related to the container registry. This avoids confusion and unnecessary overhead. This issue discusses and aligns the design concept and other implementation details.

A similar issue was discussed and implemented for the feature "Protected package", see #437926 . This issue intends to implement the same functionality and apply the same learnings.

This issue belongs to the EPIC Container Registry: Granular protection for rep... (&9825).

Proposal

The proposal consists of several aspects.

Aspect 1: Add badge "protected" to each container row

We propose to add badge "protected" to each container list entry when the following condition apply:

  • There is at least one container protection rule for the given container - regardless of the current user (viewing the container list page); in other words, the given container receives the badge with the label "protected" when there is matching container protection rule.

The following screenshot is taken from the package registry that is the inspiration for this issue.

grafik

Aspect 2: Consider protected containers for button "Delete selected" (NOT READY FOR IMPLEMENTATION)

Important note: Delete protection for container images is not implemented at the moment although it is possible to create delete container protection rules. Therefore, this aspect is currently not relevant, but should be documented nevertheless.

It is also possible to delete container images in the GitLab UI and to define delete container protection rules.

Hence, when container images are deleted in the GitLab UI, we need to consider if any delete protection rule is active for this specific container image. If this is the case, then the user (current user deleting the container image in the GitLab UI) should not be able to do this.

In another discussion thread, @katiemacoy showcases how the delete protection should be considered in the container registry list.

Edited by Gerardo Navarro