Prevent anyone from deleting protected environments
Problem to solve
Right now, you'll see the stop button if the user is allowed to stop the environment. With https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 this will also be in the merge request widget for post-merge environments.
Being able to easily delete/stop a production environment is not something that should be encouraged. To do this with https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 within the context of a feature branch is even worse.
The same protections should be applied via the UX as in the API for this to be considered coherent.
Further details
Proposal
Similar to protected branches, protected environments should prevent anyone from stoping/deleting them.
- Maintainers by default have access, but the protected environment is also configurable to have a list of users who have access.
- Only maintainers are allowed to create or designate (including removal of designation) protected environments
- Only maintainers or those given access are allowed to run pipelines targeting the environment
- Nobody is allowed to stop or delete the environment; protected status must be removed to allow this
What does success look like, and how can we measure that?
- Protected environments are no longer easily stoppable/deletable.
- The button for this will automatically be non accessible anymore in the merge request widget (taken https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 is merged)
Links / references
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.