Skip to content

Add additional matcher types to `rules:`

Problem to solve

The new rules syntax implemented in https://gitlab.com/gitlab-org/gitlab-ce/issues/60085 provides only an if: matcher that can operate on variables. There are a few common matching criteria that it may be nice to provide syntactic sugar for.

Intended users

Software Developers

Proposal

Add the following new matcher types that implement an easier to understand version of the if: element.

branch: matcher

rules:
  - branch: master # match by string, the branch name `master`
  - branch: /stable-.*/ # match by regexp, the branch name
  - branch: yes # accept every reference that is branch
                # yes is a boolean type (equal to true), so it is different than string
                # `any` could be used, but then it would be magic keyword from string

tag: matcher

rules:
  - tag: v1.0 # match by string, the tag name `master`
  - tag: /tag-.*/ # match by regexp, the tag name
  - tag: yes # accept every reference that is tag
             # yes is a boolean type (equal to true), so it is different than string
             # `any` could be used, but then it would be magic keyword from string

project: matcher

Matches a target project for merge request pipelines, or project for all other types of pipelines,.

rules:
  - project: gitlab-org/gitlab-ce # match by string, the project name

source_project: matcher

Matches source project, the source project makes sense in context of merge request pipelines, when they are created from fork.

rules:
  - source_project: ayufan/gitlab-ce # match by string, the source project name of MR pipeline

source: matcher

The source of action [the special keywords of only:refs]: (https://docs.gitlab.com/ee/ci/yaml/#onlyexcept-basic):

rules:
  - source: web
  - source: push
  - source: trigger
  - source: schedule
  - source: pipeline
  - source: chat
  - source: api
  - source: merge-request

merge-request: matcher

Matches all pipelines that are for merge requests, the merge-request: matches the source branch name.

rules:
  - merge-request: /security-.*/ # we target all merge requests that are created from `security-.*`
  - merge-request: yes # similar to branch/tag, the `true` matches all merge-requests

If you would like to support matching merge requests targeting given branch, you would join that with branch: master as follows:

rules:
  - merge-request: /security-.*/ # we target all merge requests that are created from `security-.*`
    branch: master # match merge requests targeting `master` branch

Permissions and Security

Documentation

Testing

What does success look like, and how can we measure that?

Links / references

Edited by Jason Yavorsky