Preventing users from rebuilding branches

We have GitHub set up with master as a protected branch.

However, non-admins can trigger a rebuild / multiple rebuilds in Circle. On any branch.

In our case, that means contributors are able to redeploy our application.

What is the best way to prevent this? We basically only need the project to deploy if account X did it.

The only way I can see is to set the CIRCLE_USERNAME var in the deploy script.

2 Likes

The approach you suggest sounds like a good way to achieve this. You can check for approved values via that env var and some conditional logic in circle.yml.

You could also set it so that only the master branch deploys if that suits your workflow: https://circleci.com/docs/configuration/#deployment

That’s the point - only master builds do deploy.

But, they can be rebuilt again and again and again and again and again. By anyone.

I don’t have a guaranteed solution, but I may have some possible workarounds. Have you tried messing with the owner in the deployment section? Another thing to look at is the $CIRCLE_PREVIOUS_BUILD_NUM environment variable. The first build shouldn’t have this filled in while all the rebuilds should. Also, checking that the $CIRCLE_USERNAME is a permitted user.
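
One way to implement the `CIRCLE_USERNAME` check discussed in this thread, as an added example that is not from any poster or from CircleCI: a fail-closed gate called at the start of the deploy script. `CIRCLE_USERNAME` and `CIRCLE_BRANCH` are CircleCI's built-in variables; `DEPLOY_ALLOWED_USERS`, `DEPLOY_BRANCH` and the function names are assumptions, with the allowlist set in the project's environment variable settings rather than committed to the repo.

```shell
#!/bin/sh
# Added example: deploy gate for a CircleCI deploy step.
# DEPLOY_ALLOWED_USERS (comma-separated logins) and DEPLOY_BRANCH are
# hypothetical variable names, assumed to be set in project settings.

# deploy_allowed USER BRANCH ALLOWED_CSV [DEPLOY_BRANCH]
# Returns 0 only if BRANCH is the deploy branch and USER exactly matches
# one allowlist entry. Any missing or malformed input refuses the deploy.
deploy_allowed() {
  da_user=${1:-}
  da_branch=${2:-}
  # Drop whitespace so "a, b" and "a,b" are treated the same.
  da_allowed=$(printf '%s' "${3:-}" | tr -d '[:space:]')
  da_deploy_branch=${4:-master}

  # Fail closed: an unset user or an empty allowlist never deploys.
  [ -n "$da_user" ] || return 1
  [ -n "$da_allowed" ] || return 1

  # Accept only characters valid in a GitHub login; this also rejects
  # commas and glob characters that could confuse the match below.
  case $da_user in
    *[!A-Za-z0-9-]*) return 1 ;;
  esac

  [ "$da_branch" = "$da_deploy_branch" ] || return 1

  # Whole-entry, case-sensitive match: "deploy" must not match "deploy-bot".
  case ",$da_allowed," in
    *",$da_user,"*) return 0 ;;
  esac
  return 1
}

# gate_deploy: reads the CircleCI environment and logs the decision.
# In the deploy script: gate_deploy || exit 1
gate_deploy() {
  if deploy_allowed "${CIRCLE_USERNAME:-}" "${CIRCLE_BRANCH:-}" \
       "${DEPLOY_ALLOWED_USERS:-}" "${DEPLOY_BRANCH:-master}"; then
    echo "deploy permitted: user=${CIRCLE_USERNAME} branch=${CIRCLE_BRANCH}"
    return 0
  fi
  echo "deploy refused: user=${CIRCLE_USERNAME:-<unset>} branch=${CIRCLE_BRANCH:-<unset>}" >&2
  return 1
}
```

Because the check runs on every build, a rebuild of master started by a login outside the allowlist stops before the deploy commands run.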