Make `workflow:rules` work well with Merge Requests
What does this MR do?
Resolves #31685 (closed)
This improves workflow:rules
behavior to allow
workflow rules to control when pipeline is created.
For, example it allows to define a global workflow to create pipelines on a branch, and on a merge request in an easy way without the need to re-invent that multiple times for each job.
To make the below workflow easy, this MR adds a simple variable:
CI_COMMIT_BRANCH
.
Example
- This example shows a rule that would only run the entire pipeline if the ref is a branch (i.e., not a tag and not an MR):
workflow:
rules:
- if: $CI_COMMIT_BRANCH
rspec:
script: echo Hello World
- This example would only run the pipeline if there is a tag applied:
workflow:
rules:
- if: $CI_COMMIT_TAG
rspec:
script: echo Hello World
- This example will run a pipeline if the branch is 'master', or if there is a tag applied, or if this pipeline is for a merge request. Note that multiple
if
entries are treated as OR:
workflow:
rules:
- if: $CI_COMMIT_BRANCH == 'master'
- if: $CI_COMMIT_TAG
- if: $CI_MERGE_REQUEST_IID
rspec:
script: echo Hello World
Previously
Previously, these rules would have to be applied over and over again on each job to achieve the desired result. Now, we can evaluate these at the workflow level and avoid this duplication.
This is also the advised way to configure usage of Merge Request
pipelines.
workflow:
keyword name
We chose the name workflow:
for the keyword because, with child/parent pipelines and other potential future features, a single .gitlab-ci.yml
can represent what will be instantiated as multiple pipelines. A pipeline:
keyword in this scenario would be confusing, but a workflow
represents this complete combination of potential jobs and pipelines that are represented by a single .gitlab-ci.yml.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team