I'm trying to add an approval job and I want only users from "team-leaders" groups at GitHub can click the approve.
what I've done so far:
I created a GitHub team - "team-leaders" and added only me to the group.
add this step to the workflow:
approval:
jobs:
- approval:
type: approval
when I'm uploading a new commit it does create an approval job that holds, but every user can accept this job and not only the users from the team leaders.
can I make that only the team leaders can approve my job?
Thanks.
You can't restrict the approval action; as you found out, any user who has write access to the repo/project can perform this action.
What you can do though, is apply a restricted context to all the downstream jobs. You can find an example in the CircleCI documentation > https://circleci.com/docs/contexts/#approve-jobs-that-use-restricted-contexts.