Remove inaccessible artifacts from release evidence
What does this MR do and why?
This merge request updates the creation of release evidence summary to ensure the URLs of job/build artifacts which does not have artifacts:paths
specified are excluded from the evidence. With that fix in place, a release evidence's report_artifacts
would not include the url
of a non-existing artifact when the evidence is collected. This prevents users from getting 404 pages when trying to access those URLs.
As a follow up to this fix (tracked separately in #228648 (closed)) we also have to update CI templates to reflect the changes introduced here.
Resolves #225800 (closed).
How to set up and validate locally
To validate locally, please follow the steps below:
artifacts:paths
is specified
When - Create a project or use an existing one.
- Ensure that you have
gitlab-runner
configured to usedocker
executor. - Add a
.gitlab-ci.yml
file to the project with the following code:
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
rules:
- if: $CI_COMMIT_TAG
- if: $CI_COMMIT_BRANCH &&
$GITLAB_FEATURES =~ /\blicense_scanning\b/
artifacts:
paths:
- gl-license-scanning-report.json
release_job:
stage: deploy
image: registry.gitlab.com/gitlab-org/release-cli:latest
rules:
- if: $CI_COMMIT_TAG
script:
- echo 'running release job'
release:
name: 'Release $CI_COMMIT_TAG'
description: "new release!"
tag_name: '$CI_COMMIT_TAG'
The above ensures we are running the release_job
whenever a tag pipeline runs (i.e. a git
tag is pushed), and uses the license_scanning
template to demonstrate how inclusion of artifacts:paths
is used to determine whether a release evidence would include report_artifacts.url
or not.
- Create a new
git
tag, and push it to the repository. - Check the releases page (found under Deployments > Releases), and look up the release just created using this tag.
- Download the release evidence and verify it includes
report_artifacts.url
. - Test that the URL works fine in your browser (artifacts file will be downloaded).
artifacts:paths
is not specified
When - Repeat the steps outlined above, but make sure to exclude the following from
.gitlab-ci.yml
code:
artifacts:
paths:
- gl-license-scanning-report.json
- Push another
git
tag similar to how you did earlier. - Verify that the release evidence created includes an empty
report_artifacts
array.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.