Adding Maintainer for artifacts:access

Why are we doing this work

In GitLab 16.11, we introduced the concept of artifacts:access. This issue proposes the addition of Maintainer+ level access restriction for this keyword.

Relevant links

Non-functional requirements

Documentation:
Testing:

Implementation plan

We have to add a maintainer role, similar what we did in !145206 (merged)

- `maintainer`: Artifacts are only available for download by users with the Maintainer role or higher.

define .gitlab-ci.yml

# .gitlab-ci.yml
stages: [build]

# Control: default access
default_artifacts:
  stage: build
  script: ["echo default > out.txt"]
  artifacts:
    paths: [out.txt]

# Control: developer access (existing behavior)
dev_artifacts:
  stage: build
  script: ["echo dev > dev.txt"]
  artifacts:
    paths: [dev.txt]
    access: developer

# New: maintainer+ access (to be added)
maintainer_artifacts:
  stage: build
  script: ["echo maint > maint.txt"]
  artifacts:
    paths: [maint.txt]
    access: maintainer

In one project, add users with roles: Guest, Reporter, Developer, Maintainer, Owner.
Run a pipeline that produces all three jobs above.

Check:

Maintainer/Owner: can see and download all artifact buttons (default/dev/maintainer).
Developer/Reporter/Guest:

Can download default and developer (per current rules).
Cannot see/download maintainer_artifacts

Edited Aug 19, 2025 by Dmytro Biryukov