My use case is that I am replacing a Daily Release form paper trail with Go, so signatures are replaced with approval stages. However I need the developers to have Pipeline group admin rights to change the pipeline label to the current release number, BUT I don't want them to be able to authorize the Approval stage at the end of this pipeline, this will only be approved by a manager or his deputy (and this create artifacts for deployment to Prodcution). Currently once i have given them Group admin permissions they can do anything in the group.
So I would like admins to be just that, only provides access to Admin menu and not have Operate permissions unless explicitly declared for given stages. If I can't show this to be the case then I won't be able to replace the paper trail with Go and slimline the process (Go has advantages such as approval when working from home, electronic audit trail, etc)
This would be a more secure model and conform to the 'separation of duties' principle which Go should allow you to enforce.
Please sign in to leave a comment.