Improve error message for inaccessible remote CI includes
Problem to Solve
When a GitLab CI configuration includes a remote file from a private project, the error message is misleading and doesn't clearly explain the actual issue.
In the documentation, we mention that: https://docs.gitlab.com/ci/yaml/#includeremote
A public URL accessible by an HTTP/HTTPS GET request:
Authentication with the remote URL is not supported.
Current Behavior
Users see a confusing YAML parsing error:
This GitLab CI configuration is invalid:
mapping values are not allowed in this context at line 17 column 45Expected Behavior
The error message should clearly state:
- The remote URL is not accessible
- Authentication is not supported for remote includes
- The file must be publicly accessible via HTTP/HTTPS
- Suggest alternatives (use
include:localor make the project public/internal)
Root Cause
According to the documentation (https://docs.gitlab.com/ci/yaml/#includeremote):
A public URL accessible by an HTTP/HTTPS GET request. Authentication with the remote URL is not supported.
When GitLab tries to fetch a remote file from a private project, it receives a 401/403 response, but instead of reporting this clearly, it returns a generic YAML parsing error that misleads users into thinking their configuration syntax is wrong.
Example Scenario
- User has a private project with CI templates:
https://gitlab.com/group/project/template-1.yml - User tries to include it in another project:
include:
remote: https://gitlab.com/group/project/.gitlab-ci-yml`- GitLab returns:
mapping values are not allowed in this context at line 17 column 45