Protected runner executes jobs on protected branch [Solution 1]
What does this MR do?
This MR is continued from !13192 (closed). To accomplish this feature, we need to implement a mechanism for "Protected runner executes jobs on protected branch. Unprotected runner executes jobs on unprotected branch". However, there is a technical challenge that ci_builds doesn't have data whether the ref is protected or not.
This MR addresses the challenge with Solution 1.
Solution 1. Persists
protected(ref) flag on
builds_for_specific_runnerread the flag instead of executing
protected_for?one by one.
Update Aug 21st
ci_biulds instead of
ci_pipelines. See #33281 (comment 37674757).
Compared with solution2
- If user changes the ref protection, do we need to update the corresponded data on ci_pipelines? !13192 (comment 36334215)
- Alter column on ci_pipelines
Are there points in the code the reviewer needs to double check?
How should we mark the
protected flag on
ci_biulds? Do we leverage it by only protected-branch-or-not?
Why was this MR needed?
This is aimed for 10.0
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- API support added
- Added for this feature/bug
- All builds are passing
- [-] Has been reviewed by UX
- [-] Has been reviewed by Frontend
- Has been reviewed by Backend
- [-] Has been reviewed by Database
- Conform by the merge request performance guides
- Conform by the style guides
Branch has no merge conflicts with
master(if it does - rebase it please)
- Squashed related commits together