v3.8 to v3.9 · GitLab.com / GitLab Infrastructure Team / common-ci-tasks

Commits on Source 8

feat: add GitLab Duo as reviewer for Renovate MRs in dedicated config · afac9698

Andrew Newdigate authored Mar 10, 2026

Add @GitLabDuo to additionalReviewers in renovate-versions-dedicated.json to test GitLab Duo's capability to review Renovatebot merge requests. This is a first step toward exploring autonomous merges of Renovate changes, pending SOC2 compliance. Using the dedicated config limits scope to a subset of Platforms projects to manage potential load on GitLab Duo.

afac9698

Merge branch 'an/2026-03-10-duo-review-renovate' into 'main' · 2844f619
Craig Miskell authored Mar 11, 2026
```
feat: add GitLab Duo as reviewer for Renovate MRs in dedicated config

See merge request !1342
```
2844f619

chore(release): 3.9.0 · d5e980bc

semantic-release-bot authored Mar 10, 2026

## [3.9.0](https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks/-/compare/...) (2026-03-10)

### Features

* add GitLab Duo as reviewer for Renovate MRs in dedicated config ([afac9698](afac9698))

d5e980bc

fix: skip goreleaser_build and security scanners on renovate scheduled pipelines · acf10cd2

Alessio Caiazza authored Mar 12, 2026

goreleaser_build was running on renovate scheduled pipelines because its
first rule's negative logic allowed schedules on the default branch to
fall through to a bare exists fallback rule.

Security scanners (secret_detection, semgrep-sast, dependency-scanning)
were running because upstream GitLab templates use $CI_COMMIT_BRANCH as
a catch-all that matches scheduled pipelines.

Changes:
- Add RENOVATE_SCHEDULED/RENOVATE_IMMEDIATE guard as first rule in
  goreleaser_build (goreleaser.yml)
- Gate gitlab-scanners.yml inclusion on renovate variables using
  include:rules in standard-build template (templates/standard.yml)

Both changes use renovate-specific variables instead of blanket
$CI_PIPELINE_SOURCE == schedule to avoid breaking consumers with
non-renovate scheduled pipelines.

AI-assisted: GitLab Duo Agentic Chat (Claude Opus 4.6)

acf10cd2

docs: add centralized MR labels reference to README · a9c2b5fe

Reuben Pereira authored Mar 12, 2026

Add a new 'MR Labels' section documenting all labels that can be used
on merge requests to tune CI job behavior, along with their variable
alternatives and links to detailed docs.

Related to delivery#21877

a9c2b5fe

Merge branch 'rpereira2/document-mr-labels' into 'main' · 3f585b41
John Skarbek authored Mar 12, 2026
```
docs: add centralized MR labels reference to README

See merge request !1344
```
3f585b41
Merge branch 'nolith/skip-renovate-extra-jobs' into 'main' · adb8f220
Bob Van Landuyt authored Mar 12, 2026
```
fix: skip goreleaser_build and security scanners on renovate scheduled pipelines

See merge request !1343
```
adb8f220

chore(release): 3.9.1 · 3644a376

semantic-release-bot authored Mar 12, 2026

## [3.9.1](https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks/-/compare/...) (2026-03-12)

### Fixes

* skip goreleaser_build and security scanners on renovate scheduled pipelines ([acf10cd2](acf10cd2))

### Docs

* add centralized MR labels reference to README ([a9c2b5fe](a9c2b5fe)), closes [delivery#21877](https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/)

3644a376