Fix users can't execute deployment after protection is removed
What does this MR do and why?
This MR fixes the issue that users can't approve/reject a deploy to protected env after protection is removed.
The main problem here is that the deployment.status
stays as blocked
(waiting for approval) when approvals rules are removed. We currently don't have a process to synchronize the deployment statues after the setting is changed, which is expensive process due to updating number of deployments
rows at once.
This MR adjusts the core evaluation to re-compute the "waiting for approval" state instead of relying on deployment.status
.
Later, we will refactor the blocked
state to be generic "waiting" state in Track manual deployments (#373791). See Fix deployments waiting for user actions are ma... (!125659 - merged) for more information.
A few notes:
- This change is behind 'dynamically_compute_deployment_approval' feature flag, which is disabled by default.
- Related to Draft: Dynamically compute deployment waiting f... (!120554 - closed)
- Fixes Can't approve/reject a deploy to protected env ... (#404574 - closed)
Screenshots or screen recordings
How to set up and validate locally
- Create a project with EEP license.
- Create
.gitlab-ci.yml
:deploy: script: echo environment: production when: manual
- Configure Deployment Approvals
- Run a pipeline and make sure that the deployment job is waiting for approval.
- Remove the Deployment approval setting.
- Visit the deployment job and confirm that the job is executable.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.