CI_PIPELINE_TRIGGERED variable not evaluated in job rules when Pipeline Execution Policy is active

Summary

The predefined CI/CD variable CI_PIPELINE_TRIGGERED is not properly evaluated within rules: conditions when a Pipeline Execution Policy is applied to a project, even though the variable is correctly set and accessible during job execution.

Steps to reproduce

  1. Create a test project with the following .gitlab-ci.yml 
stages:
  - test
ci-triggered:
  stage: test
  rules:
    - if: $CI_PIPELINE_TRIGGERED
  script:
    - echo "Listing all environment variables:"
    - env | sort

ci-triggered-true:
  stage: test
  rules:
    - if: $CI_PIPELINE_TRIGGERED == "true"
  script:
    - echo "Listing all environment variables:"
    - env | sort
  1. Create a trigger token for the project by navigating to Settings → CI/CD → Pipeline trigger tokens
  2. Test without PEP
curl -X POST \
     --fail \
     -F token=TOKEN \
     -F ref=REF_NAME \
     https://gitlab.com/api/v4/projects/PROJECT_ID/trigger/pipeline
  1. Observe both jobs are included in the pipeline
  2. Apply a Pipeline Execution Policy with either strategy (inject/override)
pipeline_execution_policy:
  - name: policy-name
    description: ''
    enabled: true
    pipeline_config_strategy: override_project_ci
    content:
      include:
        - project: jasmintajshaik_ultimate_group/test-pipeline-vars
          file: .gitlab-ci.yml
  1. Trigger the pipeline again using the same curl command. Observe the error on the command line. curl: (56) The requested URL returned error: 400
  2. When looked into Kibana, it says "json": { "api_error": "{"message":{"base":["Missing CI config file"]}}"

Example Project

Reproduced the issue here: https://gitlab.com/jasmintajshaik_ultimate_group/test-pipeline-vars

Policy: https://gitlab.com/groups/jasmintajshaik_ultimate_group/-/security/policies/test-pipeline-vars/edit?type=pipeline_execution_policy

What is the current bug behavior?

When Pipeline Execution Policy is active:

  • Rules using $CI_PIPELINE_TRIGGERED or $CI_PIPELINE_TRIGGERED == "true" fail to evaluate correctly
  • Jobs depending on these rules are incorrectly excluded from the pipeline

Note:

  • The pipeline is still created successfully if there are other jobs that don't depend on CI_PIPELINE_TRIGGERED - only the jobs with rules referencing this variable are silently omitted
  • The variable exists and has the correct value during script execution, but not during rule evaluation phase

What is the expected correct behavior?

CI_PIPELINE_TRIGGERED should be available and properly evaluated in rules: conditions regardless of Pipeline Execution Policy presence.

Relevant logs and/or screenshots

Output of checks

This bug happens on GitLab.com

Edited by 🤖 GitLab Bot 🤖