Protected runner executes jobs on protected branch [Solution 1]
What does this MR do?
This MR is continued from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13192. To accomplish this feature, we need to implement a mechanism for "Protected runner executes jobs on protected branch. Unprotected runner executes jobs on unprotected branch". However, there is a technical challenge that ci_builds doesn't have data whether the ref is protected or not.
This MR addresses the challenge with Solution 1.
Solution 1. Persists
protected(ref) flag on
builds_for_specific_runnerread the flag instead of executing
protected_for?one by one.
Update Aug 21st
ci_biulds instead of
ci_pipelines. See https://gitlab.com/gitlab-org/gitlab-ce/issues/33281#note_37674757.
Compared with solution2
If user changes the ref protection, do we need to update the corresponded data on ci_pipelines? https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13192#note_36334215
Alter column on ci_pipelines
Are there points in the code the reviewer needs to double check?
How should we mark the
protected flag on
ci_biulds? Do we leverage it by only protected-branch-or-not?
Why was this MR needed?
This is aimed for %10.0
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- API support added
- Added for this feature/bug
- All builds are passing
- [-] Has been reviewed by UX
- [-] Has been reviewed by Frontend
- Has been reviewed by Backend
- [-] Has been reviewed by Database
- Conform by the merge request performance guides
- Conform by the style guides
Branch has no merge conflicts with
master(if it does - rebase it please)
- Squashed related commits together
What are the relevant issue numbers?
- Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/33281
- Solution 2 => https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13216