Resetting approvals after job execution
Problem
When a deployment executor rollback/re-deploy to a previous deployment, it should require approvals again, however, the previous approvals are still remaining and effective so the deployment executor can skip the process.
I've tested the Deployment Approval functionality a bit, and it looks very promising but I have a bit of an issue. I want to use approvals to protect from accidental deployments by requiring more than one person to be involved. But when an approval is given, the approved job can then be re-run at any later time without requiring a new approval (seemingly because this job is now approved). But this can be intrusive if the deployment process is not seamless and invisible. Is there a way to limit an approval so a job can be run only once, and then require approval again, or is this perhaps a feature that could be considered?
We would also want this feature. Allowing anyone to re-deploy an old version that was previously approved is a security risk since the old version might have a known bug/issue. On that note, also being able to mark a deployment as borked would be neat, but not as important as long as each deployment requires an approval.
Proposal
TBD