Update gemnasium to conditionally trigger child pipelines based on labels
Proposal
Now that Conditionally run gemnasium child pipelines bas... (#365313 - closed) has been completed, we can conditionally trigger child pipelines in gemnasium
by adding a [<analyzer> only]
suffix to the MR title.
However, the danger-review
job will fail if a merge request has a title longer than 72 characters. This can prevent us from including conditional tags in the MR title, such as [gemnasium-maven only]
, because it increases the title length past this threshold, which causes a failure.
In order to avoid these failures, we can change the current logic from matching against titles:
- if: $CI_MERGE_REQUEST_TITLE =~ /\[sbomgen-golang only\]/
when: on_success
to matching against the CI_MERGE_REQUEST_LABELS
predefined variable instead:
- if: $CI_MERGE_REQUEST_LABELS =~ /gemnasium-only/
when: on_success
This has been tested here and it works as expected.
The purpose of this issue is to implement the above behaviour.
Proposal
-
Determine which labels to use. We'll use the following labels:
- ~"trigger-gemnasium"
- ~"trigger-gemnasium-python"
- ~"trigger-gemnasium-maven"
- ~"trigger-sbomgen-golang"
-
Update the following trigger
jobs ingemnasium
to useCI_MERGE_REQUEST_LABELS
instead ofCI_MERGE_REQUEST_TITLE
:
/cc @gonzoyumo @fcatteau