On Demand Testing

We are just starting to use GitLab CI on one of our projects. Up until now our (manual) testing workflow has been,

Develop on branch,
When branch is ready for merging with master
merge master -> branch
test merged result
if tests pass
pull branch -> master

The motivation for this process is that we don’t want potentially broken code in the master branch. I am not sure how we could replicate this workflow in GitLab CI. So far as I see it I have only two options

  1. Set tests to run only on master branch, so merged result is only tested when it is pulled in to master. (not perfect, see above)
  2. Add [ci skip] to every single commit except those that we want to run a test. It would be easier here to do [ci force] (if such a thing existed).

What is the recommended approach here?