Make it possible to trigger gitlab-org/gitlab downstream pipeline
In 7f4aba35 I've attempted to make it possible to trigger a gitlab-org/gitlab pipeline with the GITALY_SERVER_VERSION of the head commit of an MR. But as discussed this isn't that easy:
Given that this looks like it'll trigger a pipeline for the default branch, we don't need to pass
FORCE_GITLAB_CI, because in theworkflowdefined in.gitlab-ci.yml, we do allow for the default branch: https://gitlab.com/gitlab-org/gitlab/-/blob/cad24f511126a6b1d9510dda2527b3e1fdc666ae/.gitlab-ci.yml#L69- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' variables: CREATE_INCIDENT_FOR_PIPELINE_FAILURE: "true" NOTIFY_PIPELINE_FAILURE_CHANNEL: "master-broken"That said, it's still better to pass
FORCE_GITLAB_CIbecause here we can see that above will enableNOTIFY_PIPELINE_FAILURE_CHANNELwhich we don't want.If we pass
FORCE_GITLAB_CIlike we did here, it'll stop on the top which doesn't set additional variables.This is slightly related to why I said gitlab!102881 (merged) will not stop this from happening. That merge request is adding
if-default-refsto various conditions, which also includesFORCE_GITLAB_CI: https://gitlab.com/gitlab-org/gitlab/-/blob/cad24f511126a6b1d9510dda2527b3e1fdc666ae/.gitlab/ci/rules.gitlab-ci.yml#L24So in short, whenever
FORCE_GITLAB_CIis set, it will just run a lot of things, including things we want and we don't want :/This is not ideal in my opinion, but that's what it is right now and I am not sure how to improve this while keep everything backward compatible. I think we need to improve this and ponder more, but not something we can improve quickly.
And there's also another problem:
Given that it is triggering a pipeline on the default branch (
master), which is protected, you need to be a GitLab maintainer to trigger it.This is the reason why we're triggering QA on a mirror project: https://gitlab.com/gitlab-org/build/omnibus-gitlab-mirror
Where we can give wider permissions. Perhaps we need to find a workaround for this.