- Auto DevOps
-
Runners
- Enable instance runners for new projects
- Add a message for instance runners
- Enable a project runner for multiple projects
- Disable runner version management
- Restrict runner registration by all users in an instance
- Restrict runner registration by all members in a group
- Allow runner registrations tokens
- Artifacts
- Archive jobs
- Protect CI/CD variables by default
- Maximum includes
- Maximum downstream pipeline trigger rate
- Default CI/CD configuration file
- Set CI/CD limits
- Job token permissions
- Disable the pipeline suggestion banner
- Disable the migrate from Jenkins banner
- Required pipeline configuration
- Package registry configuration
CI/CD Admin area settings
The Admin area has the instance settings for CI/CD-related features, including runners, job artifacts, and the package registry.
Auto DevOps
To enable (or disable) Auto DevOps for all projects:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Check (or uncheck to disable) the box that says Default to Auto DevOps pipeline for all projects.
- Optionally, set up the Auto DevOps base domain which is used for Auto Deploy and Auto Review Apps.
- Select Save changes for the changes to take effect.
Every existing project and newly created ones that don’t have a
.gitlab-ci.yml
use the Auto DevOps pipelines.
Runners
Enable instance runners for new projects
You can set all new projects to have instance runners available by default.
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Continuous Integration and Deployment.
- Select the Enable instance runners for new projects checkbox.
Any time a new project is created, the instance runners are available.
Add a message for instance runners
To display details about the instance runners in all projects’ runner settings:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Continuous Integration and Deployment.
- Enter text, including Markdown if you want, in the Instance runner details field.
To view the rendered details:
- On the left sidebar, select Search or go to and find your project or group.
- Select Settings > CI/CD.
- Expand Runners.
Enable a project runner for multiple projects
If you have already registered a project runner you can assign that runner to other projects.
To enable a project runner for more than one project:
- On the left sidebar, at the bottom, select Admin.
- From the left sidebar, select CI/CD > Runners.
- Select the runner you want to edit.
- In the upper-right corner, select Edit ().
- Under Restrict projects for this runner, search for a project.
- To the left of the project, select Enable.
- Repeat this process for each additional project.
Disable runner version management
- Introduced in GitLab 15.10.
By default, GitLab instances periodically fetch official runner version data from GitLab.com to determine whether the runners need upgrades.
To disable your instance fetching this data:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Runners.
- In the Runner version management section, clear the Fetch GitLab Runner release version data from GitLab.com checkbox.
- Select Save changes.
Restrict runner registration by all users in an instance
- Enabled on GitLab.com and self-managed in GitLab 15.5.
GitLab administrators can adjust who is allowed to register runners, by showing and hiding areas of the UI. This setting does not affect the ability to create a runner from the UI or through an authenticated API call.
When the registration sections are hidden in the UI, members of the project or group must contact administrators to enable runner registration in the group or project. If you plan to prevent registration, ensure users have access to the runners they need to run jobs.
By default, all members of a project and group are able to register runners.
To restrict all users in an instance from registering runners:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Runners.
- In the Runner registration section, clear the Members of the project can register runners and Members of the group can register runners checkboxes to remove runner registration from the UI.
- Select Save changes.
Restrict runner registration by all members in a group
Prerequisites:
- Runner registration must be enabled for all users in the instance.
GitLab administrators can adjust group permissions to restrict runner registration by group members.
To restrict runner registration by members in a specific group:
- On the left sidebar, at the bottom, select Admin.
- Select Overview > Groups and find your group.
- Select Edit.
- Clear the New group runners can be registered checkbox if you want to disable runner registration by all members in the group. If the setting is read-only, you must enable runner registration for the instance.
- Select Save changes.
Allow runner registrations tokens
- Introduced in GitLab 16.11
In GitLab 17.0, the use of runner registration tokens to create runners will be disabled in all GitLab instances. Users must use runner authentication tokens instead. If you have not yet migrated to the use of runner authentication tokens, you can allow runner registration tokens. This setting and support for runner registration tokens will be removed in GitLab 18.0.
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Runners.
- Select the Allow runner registration token checkbox.
Artifacts
Maximum artifacts size
An administrator can set the maximum size of the job artifacts for:
- The entire instance
- Each project
- Each group
For the setting on GitLab.com, see Artifacts maximum size.
The value is in MB, and the default value is 100 MB per job. An administrator can change the default value for the:
-
Instance:
- On the left sidebar, at the bottom, select Admin.
- On the left sidebar, select Settings > CI/CD > Continuous Integration and Deployment.
- Change the value of Maximum artifacts size (MB).
- Select Save changes for the changes to take effect.
-
Group (this overrides the instance setting):
- Go to the group’s Settings > CI/CD > General Pipelines.
- Change the value of Maximum artifacts size (in MB).
- Select Save changes for the changes to take effect.
-
Project (this overrides the instance and group settings):
- Go to the project’s Settings > CI/CD > General Pipelines.
- Change the value of Maximum artifacts size (in MB).
- Select Save changes for the changes to take effect.
Default artifacts expiration
The default expiration time of the job artifacts
can be set in the Admin area of your GitLab instance. The syntax of duration is
described in artifacts:expire_in
and the default value is 30 days
.
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Change the value of default expiration time.
- Select Save changes for the changes to take effect.
This setting is set per job and can be overridden in
.gitlab-ci.yml
.
To disable the expiration, set it to 0
. The default unit is in seconds.
Keep the latest artifacts for all jobs in the latest successful pipelines
When enabled (default), the artifacts of the most recent pipeline for each Git ref (branches and tags) are locked against deletion and kept regardless of the expiry time.
When disabled, the latest artifacts for any new successful or fixed pipelines are allowed to expire.
This setting takes precedence over the project setting. If disabled for the entire instance, you cannot enable this in individual projects.
To disable the setting:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Continuous Integration and Deployment.
- Clear the Keep the latest artifacts for all jobs in the latest successful pipelines checkbox.
- Select Save changes
When you disable the feature, the latest artifacts do not immediately expire. A new pipeline must run before the latest artifacts can expire and be deleted.
Disable the external redirect page for job artifacts
By default, GitLab Pages shows an external redirect page when a user tries to view a job artifact served by GitLab Pages. This page warns about the potential for malicious user-generated content, as described in issue 352611.
Self-managed administrators can disable the external redirect warning page, so you can view job artifact pages directly:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand Continuous Integration and Deployment.
- Deselect Enable the external redirect page for job artifacts.
Archive jobs
You can archive old jobs to prevent them from being re-run individually. Archived jobs display a lock icon () and This job is archived at the top of the job log.
To set the duration for which the jobs are considered as old and expired:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Continuous Integration and Deployment section.
- Set the value of Archive jobs.
- Select Save changes for the changes to take effect.
After that time passes, the jobs are archived in the background and no longer able to be
retried. Make it empty to never expire jobs. It has to be no less than 1 day,
for example: 15 days
, 1 month
, 2 years
.
For the value set for GitLab.com, see Scheduled job archiving.
Protect CI/CD variables by default
To set all new CI/CD variables as protected by default:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Select Protect CI/CD variables by default.
Maximum includes
- Introduced in GitLab 16.0.
The maximum number of includes per pipeline can be set for the entire instance.
The default is 150
.
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Change the value of Maximum includes.
- Select Save changes for the changes to take effect.
Maximum downstream pipeline trigger rate
- Introduced in GitLab 16.10.
The maximum number of downstream pipelines that can be triggered per minute
(for a given project, user, and commit) can be set for the entire instance.
The default value is 0
(no restriction).
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Change the value of Maximum downstream pipeline trigger rate.
- Select Save changes for the changes to take effect.
Default CI/CD configuration file
The default CI/CD configuration file and path for new projects can be set in the Admin area
of your GitLab instance (.gitlab-ci.yml
if not set):
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Input the new file and path in the Default CI/CD configuration file field.
- Select Save changes for the changes to take effect.
It is also possible to specify a custom CI/CD configuration file for a specific project.
Set CI/CD limits
- Maximum number of active pipelines per project setting removed in GitLab 16.0.
- Maximum number of instance-level CI/CD variables setting introduced in GitLab 17.1.
- Maximum number of jobs in a single pipeline setting moved from GitLab Enterprise Edition to GitLab Community Edition in 17.6.
You can configure some CI/CD limits from the Admin area:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Continuous Integration and Deployment section.
- In the CI/CD limits section, you can set the following limits:
- Maximum number of jobs in a single pipeline
- Total number of jobs in currently active pipelines
- Maximum number of pipeline subscriptions to and from a project
- Maximum number of pipeline schedules
- Maximum number of needs dependencies that a job can have
- Maximum number of runners created or active in a group during the past seven days
- Maximum number of runners created or active in a project during the past seven days
- Maximum number of downstream pipelines in a pipeline’s hierarchy tree
- Maximum number of instance-level CI/CD variables
Job token permissions
- Introduced in GitLab 17.6.
You can configure the CI/CD job token access setting for all projects from the Admin area.
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Continuous Integration and Deployment section.
- Enable Enable and enforce job token allowlist for all projects setting to require all projects to control job token access with the allowlist.
Disable the pipeline suggestion banner
By default, a banner displays in merge requests with no pipeline suggesting a walkthrough on how to add one.
To disable the banner:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Clear the Enable pipeline suggestion banner checkbox.
- Select Save changes.
Disable the migrate from Jenkins banner
- Introduced in GitLab 17.7.
By default, a banner shows in merge requests in projects with the Jenkins integration enabled to prompt migration to GitLab CI/CD.
To disable the banner:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Clear the Show the migrate from Jenkins banner checkbox.
- Select Save changes.
Required pipeline configuration
- Moved from GitLab Premium to GitLab Ultimate in 15.0.
- Deprecated in GitLab 15.9.
- Removed in GitLab 17.0.
-
Re-added behind the
required_pipelines
feature flag in GitLab 17.4. Disabled by default.
required_pipelines
, disabled by default.
Use compliance pipelines instead. This change is a breaking change.You can set a CI/CD template as a required pipeline configuration for all projects on a GitLab instance. You can use a template from:
- The default CI/CD templates.
-
A custom template stored in an instance template repository.
When you use a configuration defined in an instance template repository, nestedinclude:
keywords (includinginclude:file
,include:local
,include:remote
, andinclude:template
) do not work.
The project CI/CD configuration merges into the required pipeline configuration when
a pipeline runs. The merged configuration is the same as if the required pipeline configuration
added the project configuration with the include
keyword.
To view a project’s full merged configuration, View full configuration
in the pipeline editor.
To select a CI/CD template for the required pipeline configuration:
- On the left sidebar, at the bottom, select Admin Area.
- Select Settings > CI/CD.
- Expand the Required pipeline configuration section.
- Select a CI/CD template from the dropdown list.
- Select Save changes.
Package registry configuration
Maven Forwarding
GitLab administrators can disable the forwarding of Maven requests to Maven Central.
To disable forwarding Maven requests:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Package Registry section.
- Clear the checkbox Forward Maven package requests to the Maven Registry if the packages are not found in the GitLab Package Registry.
- Select Save changes.
npm Forwarding
GitLab administrators can disable the forwarding of npm requests to npmjs.com.
To disable it:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Package Registry section.
- Clear the checkbox Forward npm package requests to the npm Registry if the packages are not found in the GitLab Package Registry.
- Select Save changes.
PyPI Forwarding
GitLab administrators can disable the forwarding of PyPI requests to pypi.org.
To disable it:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Package Registry section.
- Clear the checkbox Forward PyPI package requests to the PyPI Registry if the packages are not found in the GitLab Package Registry.
- Select Save changes.
Package file size limits
GitLab administrators can adjust the maximum allowed file size for each package type.
To set the maximum file size:
- On the left sidebar, at the bottom, select Admin.
- Select Settings > CI/CD.
- Expand the Package Registry section.
- Find the package type you would like to adjust.
- Enter the maximum file size, in bytes.
- Select Save size limits.