there are several jobs in the protected branch. the last job is manual, but regular users cannot run it. how can an ordinary user run a manual job in a protected branch?
in the picture, an ordinary user does not have a play button
Asked
Active
Viewed 7,725 times
2 Answers
9
Only users who can push or merge to a protected branch are allowed to run manual jobs for a pipeline on a protected branch.
See footnote 5: https://docs.gitlab.com/ee/user/permissions.html
[Run CI/CD pipeline for a protected branch] If the user is allowed to merge or push to the protected branch.
Thus, the only way to allow a user to run this job on a protected branch would be to give them permission to either push or merge to the protected branch.
sytech
- 29,298
- 3
- 45
- 86
-
thanks for the reply. I read the documentation, but I thought there was a workaround – Zempik Feb 16 '22 at 06:41
3
There is a workaround.
- To allow Developer user to run the manual job you can allow Developer to merge to the particular branch
- And to restrict Developers to merge to this branch add an additional rule with the mask matching the same branch.
- As a result they will not be able to merge/push but will be allowed to run manual jobs.
prog76
- 101
- 1
- 4
-
Unfortunately or fortunately, the developers do not have access to the protected branch. so I'm looking for a workaround. – Zempik Oct 24 '22 at 10:09
-
yes, and my point is to give to Developers this access explicitly but also reject it by mask. so they will not be able to merge or push, but will have the ability to execute pipelines. – prog76 Oct 27 '22 at 08:32
-
I don't fully understand your implementation. can you elaborate? for example, through editing your response. your answer will help other participants. thanks for your help. – Zempik Oct 27 '22 at 10:40