We know that to run CI/CD in a certain branch, we use option only in the gitlab-ci.yml
However, as an owner of a project, I don’t want to allow other developers to change the gitlab-ci.yml to run CI/CD in arbitrary branches. Developers have to merge your changes to the master branch to trigger the CI/CD pipeline.
What is the best solution for this case?
good point, I had to research myself for protecting the CI config. That actually was made possible with maintaining the CI config in a different repository, if that is an option for you. That was added into the latest 12.6 release.
I read the mentioned article before, but I don’t think using CODEOWNERS file resolves my problems. Developers can still create a new branch and edit gitlab-ci.yml in their branch, and of course, this CI can be triggered.
Regarding your idea, maintaining the CI config in a different repository. Can you tell me more details? How can I trigger CI/CD when the config locates in an external project?
actually I was not referring to CODEOWNERS but the possibility to move .gitlab-ci.yml into a different repository only
Within your Project settings, navigate to
CI / CD > General pipelines.
Since 12.6 you may also add a URL or relative path like
/ops/central-ci/.gitlab-ci-this-project.yml to the configuration. In terms of automating this procedure, the project settings can also be updated via the REST API