Override ci.skip option when Pipeline execution policies are present
What does this MR do and why?
This change enforces pipeline to run if there are Pipeline execution policies applicable to the project regardless of ci.skip
option.
Addresses suggestion from !150156 (comment 1931434533).
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Enable the feature flag
echo "Feature.enable(:pipeline_execution_policy_type)" | rails c
- Create two new projects. One for testing and one as the security policy project
- In the testing project, select Security & Compliance and Policies
- Select Edit policy project
- Select your security policy project and Save
- On you security policy project, create a new file
.gitlab/security-policies/policy.yml
with content:--- pipeline_execution_policy: - name: Test description: '' enabled: true content: policy build: stage: build script: - echo "Policy build." policy test: stage: test script: - echo "Policy test."
- Go to the testing project and create default
.gitlab-ci.yml
CI configuration. - Update README and commit the change with message
[ci-skip] Update README
- Verify that pipeline is running and includes the policy jobs.
Related to #464562 (closed)
Edited by Martin Čavoj