
Why should tags never be removed from a server?

Tags: git, gerrit

Reading Gerrit docs, it says:

[...] users should be really knowledgeable about git, 
for instance knowing why tags never should be removed from a server

It doesn't elaborate on this statement. I don't see any problem with it and I can't find any info about it either.

So, why should tags never be removed from a server?

fracz asked Jun 16 '14 21:06


1 Answer

If you push annotated tags, they are supposed to represent "tags when a project reaches a stable release point worth remembering in history."

Since a project owner in Gerrit has the right to delete tags, the documentation adds that warning in order for other users relying on said tags to not be surprised (or to be properly warned) if that tag were to change (or to be deleted).

See the section "Enforcing site wide access policies"

By granting the Owner access right on the refs/* to a group, Gerrit administrators can delegate the responsibility of maintaining access rights for that project to that group.

In a corporate deployment it is often necessary to enforce some access policies. An example could be that no-one can update or delete a tag, not even the project owners.
The ALLOW and DENY rules are not enough for this purpose as project owners can grant themselves any access right they wish and, thus, effectively override any inherited access rights from the "All-Projects" or some other common parent project.

That is why Gerrit proposes:

Make sure no one can update or delete a tag

This requirement is quite common in a corporate deployment where reproducibility of a build must be guaranteed. To achieve that we block push permission for the Anonymous Users in "All-Projects":

[access "refs/tags/*"]
  push = block group Anonymous Users
  create = group Project Owners
  pushTag = group Project Owners

VonC answered Nov 06 '22 08:11
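
What a consumer of the tags sees when one is deleted or re-pointed, as an added example (not part of the original answer and not Gerrit code): the script diffs a pinned snapshot of `git ls-remote --tags` output against a later one and reports tags that disappeared or now resolve to a different commit. Both snapshots and all hashes are constructed sample data, and the names `PINNED`, `NOW`, `parse_tags` and `tag_drift` are chosen for this illustration.

```python
"""Report tags that vanished or moved between two `git ls-remote --tags` snapshots."""

# Constructed sample data: every hash below is made up for this example.
PINNED = """\
1111111111111111111111111111111111111111\trefs/tags/v1.0
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\trefs/tags/v1.0^{}
2222222222222222222222222222222222222222\trefs/tags/v1.1
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\trefs/tags/v1.1^{}
cccccccccccccccccccccccccccccccccccccccc\trefs/tags/nightly
"""
NOW = """\
3333333333333333333333333333333333333333\trefs/tags/v1.0
dddddddddddddddddddddddddddddddddddddddd\trefs/tags/v1.0^{}
cccccccccccccccccccccccccccccccccccccccc\trefs/tags/nightly
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\trefs/tags/v2.0
"""


def parse_tags(ls_remote_output):
    """Map each tag name to the commit it resolves to."""
    tags = {}
    for line in ls_remote_output.splitlines():
        if not line.strip():
            continue
        sha, ref = line.split("\t", 1)
        if not ref.startswith("refs/tags/"):
            continue
        name = ref[len("refs/tags/"):]
        if name.endswith("^{}"):
            # Peeled entry: the commit behind an annotated tag. It always wins
            # over the tag object's own hash listed on the unpeeled line.
            tags[name[:-3]] = sha
        else:
            # Lightweight tag, or the tag object of an annotated tag.
            tags.setdefault(name, sha)
    return tags


def tag_drift(pinned, current):
    """Compare two snapshots; 'deleted' and 'moved' break reproducible builds."""
    old, new = parse_tags(pinned), parse_tags(current)
    return {
        "deleted": sorted(set(old) - set(new)),
        "moved": sorted(t for t in old.keys() & new.keys() if old[t] != new[t]),
        "added": sorted(set(new) - set(old)),
    }


if __name__ == "__main__":
    drift = tag_drift(PINNED, NOW)
    for kind, names in drift.items():
        print(f"{kind}: {names}")
    raise SystemExit(1 if drift["deleted"] or drift["moved"] else 0)
```

In a real pipeline the pinned snapshot would be stored with the build record and the second one captured from the server at verification time.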