Prevent anyone from deleting protected environments
Problem to solve
Right now, you'll see the stop button if the user is allowed to stop the environment. With https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 this will also be in the merge request widget for post-merge environments.
Being able to easily delete/stop a production environment is not something that should be encouraged. To do this with https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 within the context of a feature branch is even worse.
The same protections should be applied via the UX as in the API for this to be considered coherent.
Further details
Proposal
Similar to protected branches, protected environments should prevent anyone from stoping/deleting them.
- Maintainers by default have access, but the protected environment is also configurable to have a list of users who have access.
- Only maintainers are allowed to create or designate (including removal of designation) protected environments
- Only maintainers or those given access are allowed to run pipelines targeting the environment
- Nobody is allowed to stop or delete the environment; protected status must be removed to allow this
What does success look like, and how can we measure that?
- Protected environments are no longer easily stoppable/deletable.
- The button for this will automatically be non accessible anymore in the merge request widget (taken https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292 is merged)
Links / references
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22292
Edited by Jason Yavorska