Allow child pipelines to trigger their own child pipelines
Problem to solve
With https://gitlab.com/gitlab-org/gitlab-ce/issues/22972 we introduce the new idea of child/parent pipelines. For the MVC, however, we limit the relationship only to parent->child, and disallow parent->child->child->(...). One level of relationship is good for many use cases, but in a more complex workflow you have pipeline branches creating one or maybe two pipeline branches of their own.
Intended users
Software Developers
Further details
- See https://gitlab.com/gitlab-org/gitlab-ce/issues/22972 for details on parent/child implementation.
Proposal
Remove the limitation for child pipelines, and set a maximum depth for relationships. A decent starter value could be 5, but even 2 is better (that at least unlocks an alternative to #229134 (closed)). If the max depth is reached, the pipeline should fail to start and return a failure status attribution, and there should be a clear message what happened.
We could implement this using Gitlab::ObjectHierarchy utility which is already used today for groups/sub-groups. This would allow us to find out all descendants or all ancestors as well as calculating the max_descendants_dept which should be used to enforce the limit.
- change
Ci::Pipeline#same_family_pipeline_idsto take in consideration a wider hierarchy - change
Ci::CreateCrossProjectPipelineService#ensure_preconditions!to account for a wider hierarchy - ensure pipeline processing works as expected with status attribution
Permissions and Security
A maximum depth is important to prevent recursive/runaway pipelines causing a denial of service.