Manual play on protected environment does not change the trigger user for the next jobs

,

Hello Gitlab forum

Describe your question in as much detail as possible:
I’m trying to build a pipeline where a developer would be able to deploy into the dev environment using a dev stage, and a manual stage for prod that would be triggered by a maintainer

After the build_prd job has been successfully completed the test_prd job fails with the following error:

The environment this job is deploying to is protected. Only users with permission may successfully run this job. The deployment of this job to [prd]

From my testing this occurs because the pipeline was created by a developer and the triggered by user is not updated in the downstream jobs after the ‘play’ / ‘play all’ button is clicked.

A maintainer could retry the test_prd job and the job would start, but the deploy_prd job sometimes gets a random outcome: success / skipped ( different topic for the needs issues )

Is there a way to properly overwrite the triggered user in the jobs that are after the manual job ?
Is there another way to achieve this flow?

  • What version are you on? Are you using self-managed or GitLab.com?
    • *GitLab (Hint: /help): gitlab.com
    • *Runner (Hint: /admin/runners): shared
---
stages:
  - dev
  - prd

build_dev:
  stage: dev
  script:
    - echo
  environment:
    name: dev
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

test_dev:
  stage: dev
  script:
    - echo
  needs:
    - job: build_dev
  environment:
    name: dev
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

deploy_dev:
  stage: dev
  script:
    - echo
  needs:
    - job: test_dev
  environment:
    name: dev
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

# Protected enevironment:

build_prd:
  stage: prd
  script:
    - echo
  environment:
    name: prd
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: manual
      allow_failure: false

test_prd:
  stage: prd
  script:
    - echo
  needs:
    - job: build_prd
  environment:
    name: dev
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

deploy_prd:
  stage: prd
  script:
    - echo
  needs:
    - job: test_prd
  environment:
    name: prd
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH