5.6 KiB
5.6 KiB
| stage | group | info | type |
|---|---|---|---|
| Release | Release | To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments | concepts, howto |
Group-level protected environments API (PREMIUM)
- Introduced in GitLab Premium 14.0.
- Deployed behind a feature flag, disabled by default.
- Disabled on GitLab.com.
- Not recommended for production use.
- To use in GitLab self-managed instances, ask a GitLab administrator to enable it. (FREE SELF)
This in-development feature might not be available for your use. There can be risks when enabling features still in development. Refer to this feature's version history for more details.
Read more about group-level protected environments,
Valid access levels
The access levels are defined in the ProtectedEnvironment::DeployAccessLevel::ALLOWED_ACCESS_LEVELS method.
Currently, these levels are recognized:
30 => Developer access
40 => Maintainer access
60 => Admin access
List group-level protected environments
Gets a list of protected environments from a group.
GET /groups/:id/protected_environments
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | The ID or URL-encoded path of the group maintained by the authenticated user. |
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/protected_environments/"
Example response:
[
{
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"Maintainers",
"user_id":null,
"group_id":null
}
]
}
]
Get a single protected environment
Gets a single protected environment.
GET /groups/:id/protected_environments/:name
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | The ID or URL-encoded path of the group maintained by the authenticated user. |
name |
string | yes | The deployment tier of the protected environment. One of production, staging, testing, development, or other. Read more about deployment tiers. |
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/protected_environments/production"
Example response:
{
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"Maintainers",
"user_id":null,
"group_id":null
}
]
}
Protect an environment
Protects a single environment.
POST /groups/:id/protected_environments
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | The ID or URL-encoded path of the group maintained by the authenticated user. |
name |
string | yes | The deployment tier of the protected environment. One of production, staging, testing, development, or other. Read more about deployment tiers. |
deploy_access_levels |
array | yes | Array of access levels allowed to deploy, with each described by a hash. One of user_id, group_id or access_level. They take the form of {user_id: integer}, {group_id: integer} or {access_level: integer} respectively. |
The assignable user_id are the users who belong to the given group with the Maintainer role (or above).
The assignable group_id are the sub-groups under the given group.
curl --header 'Content-Type: application/json' --request POST --data '{"name": "production", "deploy_access_levels": [{"group_id": 9899826}]}' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/22034114/protected_environments"
Example response:
{
"name":"production",
"deploy_access_levels":[
{
"access_level":40,
"access_level_description":"protected-access-group",
"user_id":null,
"group_id":9899826
}
]
}
Unprotect environment
Unprotects the given protected environment.
DELETE /groups/:id/protected_environments/:name
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | The ID or URL-encoded path of the group maintained by the authenticated user. |
name |
string | yes | The deployment tier of the protected environment. One of production, staging, testing, development, or other. Read more about deployment tiers. |
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/protected_environments/staging"
The response should return a 200 code.