I have a Gitlab Docker registry deployed, and it is working great. Right now, Gitlab and registry authentication is managed through LDAP and any user with access to a project can push a Docker image to a project’s registry.
We want the registry to be populated by successful Jenkins builds and only successful Jenkins builds. Is there a way, at this time, to limit push-capabilities to the registry to a specific user while allowing all users the ability to pull from it?
Also, it can’t affect our preexisting access controls to the Gitlab repos.