Protected runners
Description
We want to protect runners that have access to sensitive environments (production), so only jobs running on protected branches can use them.
Proposal
Add checkbox to project runners to "protect" them.
- Protected runners would be visible like normal, but only manageable by Masters.
- Protected runners would only be allowed to run on pipelines triggered on protected branches/tags.
- The checkboxes would of course only be available to Masters.
Some additional consideration:
- unprotected runners can run any job (also on protected branches)
- we should mention how to use this feature correctly with tags in the documentation
Links / references
Documentation blurb
There are sensitive tasks that runners should do during the CI/CD process that require attention. Especially during deploy to specific environments, we want to be sure that nobody can access credential information or private configuration options.
In order to avoid any data leak, you can set a "protected" flag to a specific runner, so they can be used only on protected branches that contain trusted code.
Edited by Fabio Busatto