<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=395675) </details> <!--IssueSummary end--> ## Summary After discussing the inter-play between cancel outdated deployments and deployment approvals, I investigated to see if it worked as expected. Unfortunately, if `Cancel outdated deploy jobs` is enabled, it does **NOT** cancel `blocked` deployment jobs pending approval. This seems to be the case regardless of whether or not the job is labelled `when: manual` ## Steps to reproduce I was unable to record a VO but I have attached a video walkthrough of the following steps: 1. Show that `Prevent outdated deployment jobs` is enabled 2. Show three deployment jobs, with IDs `17`, `20`, `24`, all `blocked` and pending approval 3. Approve and run deployment job `24` 4. Show that the old deployment jobs are still `blocked`  ## What is the current *bug* behavior? outdated deployment jobs pending approval are not cancelled ## What is the expected *correct* behavior? outdated deployment jobs should be cancelled ## Relevant logs and/or screenshots <!-- Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's tough to read otherwise. --> ## Possible fixes `Deployments::ApprovalService` should return a more descriptive error message when a deployment job is outdated and can't be updated. ```diff diff --git a/ee/app/services/deployments/approval_service.rb b/ee/app/services/deployments/approval_service.rb index 86976a834e9e..681d2c218ef3 100644 --- a/ee/app/services/deployments/approval_service.rb +++ b/ee/app/services/deployments/approval_service.rb @@ -69,6 +69,10 @@ def validate(deployment, status) return _('Deployment approvals is not configured for this environment.') end + if !deployment.environment.has_approval_rules? && deployment.deployable&.outdated_deployment? + return _('You cannot approve or reject the deployment because the deployment job is outdated. Please see [Prevent outdated deployment jobs](https://docs.gitlab.com/ee/ci/environments/deployment_safety.html#prevent-outdated-deployment-jobs) for more information.') + end + unless current_user&.can?(:approve_deployment, deployment) return _("You don't have permission to approve this deployment. Contact the project or group owner for help.") end ``` This will surface the error in both Deployment Approval UI and API. <!-- If you can, link to the line of code that might be responsible for the problem. --> <!-- Default labels --> <!-- Optional labels --> <!-- https://about.gitlab.com/handbook/engineering/quality/issue-triage/#severity --> ## Implementation guide <!-- If the issue clear enough, consider inviting community contributors -->