Add ability to restrict deployments to either Owners or Admins only
Description
It would be very useful in certain security-constrained setups to be able to restrict deployments solely to Owners or Admins.
For example, in my organisation we have a strict policy whereby developers (even senior) are not permitted to deploy to production. That must be done by an operations engineer. However, developers are allowed to do Master-ish things like create tags and merge to protected branches (in preparation for deployment).
In GitLab, the developers have either Developer or Master role. The operations engineers have Owner role (on the group) and are also Admins.
I feel that the current policy of reusing the repository/branch permissions model for Environment permissions is not quite sufficient in this case - there needs to be one extra little permission level.
Proposal
- Allow marking Environments as "protected" so that CI jobs that create deployments to these environments are only runnable by users with the right permissions (essentially #2747 (closed))
- Add a setting at the server, group and project levels to allow changing the permission level required to deploy to protected environments (Master, Owner, Admin)