On GitLab even if you set the same cache key it will not cross between unprotected and protected runs.

GitLab just adds a -protected suffix to the cache key.

It seems baffling that GitHub does not do this trivial separation, if I understand it correctly.