Skip to content

Fix users can't execute deployment after protection is removed

Shinya Maeda requested to merge dynamically-compute-deployment-approval into master

What does this MR do and why?

This MR fixes the issue that users can't approve/reject a deploy to protected env after protection is removed.

The main problem here is that the deployment.status stays as blocked (waiting for approval) when approvals rules are removed. We currently don't have a process to synchronize the deployment statues after the setting is changed, which is expensive process due to updating number of deployments rows at once.

This MR adjusts the core evaluation to re-compute the "waiting for approval" state instead of relying on deployment.status.

Later, we will refactor the blocked state to be generic "waiting" state in Track manual deployments (#373791). See Fix deployments waiting for user actions are ma... (!125659 - merged) for more information.

A few notes:

Screenshots or screen recordings

Peek_2023-07-10_10-52

How to set up and validate locally

  1. Create a project with EEP license.
  2. Create .gitlab-ci.yml:
    deploy:
        script: echo
        environment: production
        when: manual
  3. Configure Deployment Approvals
  4. Run a pipeline and make sure that the deployment job is waiting for approval.
  5. Remove the Deployment approval setting.
  6. Visit the deployment job and confirm that the job is executable.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Shinya Maeda

Merge request reports

Loading