Container repository protection rules API
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
List container repository protection rules
Gets a list of container repository protection rules from a project’s container registry.
GET /api/v4/projects/:id/registry/protection/repository/rulesSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | Yes | ID or URL-encoded path of the project. |
If successful, returns 200 and a list of container repository protection rules.
Can return the following status codes:
200 OK: A list of protection rules.401 Unauthorized: The access token is invalid.403 Forbidden: The user does not have permission to list protection rules for this project.404 Not Found: The project was not found.
Example request:
curl --header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://gitlab.example.com/api/v4/projects/7/registry/protection/repository/rules"Example response:
[
{
"id": 1,
"project_id": 7,
"repository_path_pattern": "flightjs/flight0",
"minimum_access_level_for_push": "maintainer",
"minimum_access_level_for_delete": "maintainer"
},
{
"id": 2,
"project_id": 7,
"repository_path_pattern": "flightjs/flight1",
"minimum_access_level_for_push": "maintainer",
"minimum_access_level_for_delete": "maintainer"
},
]Create a container repository protection rule
Create a container repository protection rule for a project’s container registry.
POST /api/v4/projects/:id/registry/protection/repository/rulesSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | Yes | ID or URL-encoded path of the project. |
repository_path_pattern | string | Yes | Container repository path pattern protected by the protection rule. For example flight/flight-*. Wildcard character * allowed. |
minimum_access_level_for_push | string | No | Minimum GitLab access level required to push container images to the container registry. For example maintainer, owner or admin. Must be provided when minimum_access_level_for_delete is not set. |
minimum_access_level_for_delete | string | No | Minimum GitLab access level required to delete container images in the container registry. For example maintainer, owner, admin. Must be provided when minimum_access_level_for_push is not set. |
If successful, returns 201 and the created container repository protection rule.
Can return the following status codes:
201 Created: The protection rule was created successfully.400 Bad Request: The protection rule is invalid.401 Unauthorized: The access token is invalid.403 Forbidden: The user does not have permission to create a protection rule.404 Not Found: The project was not found.422 Unprocessable Entity: The protection rule could not be created. For example, because therepository_path_patternis already taken.
Example request:
curl --request POST \
--header "PRIVATE-TOKEN: <your_access_token>" \
--header "Content-Type: application/json" \
--url "https://gitlab.example.com/api/v4/projects/7/registry/protection/repository/rules" \
--data '{
"repository_path_pattern": "flightjs/flight-needs-to-be-a-unique-path",
"minimum_access_level_for_push": "maintainer",
"minimum_access_level_for_delete": "maintainer"
}'Update a container repository protection rule
Update a container repository protection rule for a project’s container registry.
PATCH /api/v4/projects/:id/registry/protection/repository/rules/:protection_rule_idSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | Yes | ID or URL-encoded path of the project. |
protection_rule_id | integer | Yes | ID of the protection rule to be updated. |
repository_path_pattern | string | No | Container repository path pattern protected by the protection rule. For example flight/flight-*. Wildcard character * allowed. |
minimum_access_level_for_push | string | No | Minimum GitLab access level required to push container images to the container registry. For example maintainer, owner or admin. Must be provided when minimum_access_level_for_delete is not set. To unset the value, use an empty string "". |
minimum_access_level_for_delete | string | No | Minimum GitLab access level required to delete container images in the container registry. For example maintainer, owner, admin. Must be provided when minimum_access_level_for_push is not set. To unset the value, use an empty string "". |
If successful, returns 200 and the updated protection rule.
Can return the following status codes:
200 OK: The protection rule was updated successfully.400 Bad Request: The protection rule is invalid.401 Unauthorized: The access token is invalid.403 Forbidden: The user does not have permission to update the protection rule.404 Not Found: The project was not found.422 Unprocessable Entity: The protection rule could not be updated. For example, because therepository_path_patternis already taken.
Example request:
curl --request PATCH \
--header "PRIVATE-TOKEN: <your_access_token>" \
--header "Content-Type: application/json" \
--url "https://gitlab.example.com/api/v4/projects/7/registry/protection/repository/rules/32" \
--data '{
"repository_path_pattern": "flight/flight-*"
}'Delete a container repository protection rule
Deletes a container repository protection rule from a project’s container registry.
DELETE /api/v4/projects/:id/registry/protection/repository/rules/:protection_rule_idSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | Yes | ID or URL-encoded path of the project. |
protection_rule_id | integer | Yes | ID of the container repository protection rule to be deleted. |
If successful, returns 204 No Content.
Can return the following status codes:
204 No Content: The protection rule was deleted successfully.400 Bad Request: Theidor theprotection_rule_idare missing or are invalid.401 Unauthorized: The access token is invalid.403 Forbidden: The user does not have permission to delete the protection rule.404 Not Found: The project or the protection rule was not found.
Example request:
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://gitlab.example.com/api/v4/projects/7/registry/protection/repository/rules/1"Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support