Skip to content

Triggered builds fail when using security sources

Summary

When triggering a gitlab mirror build for a security MR. We are currently getting failures:

$ bundle exec rake build:project
rake aborted!
Files have been modified after commit

This is due to the gemfile changing when the environment contains SECURITY_SOURCES="true"

When security sources are true, we prepend the ci token to each remote, even to remote that don't require it, and this ends up in the omnibus gem's path.

Proposal

We should either hardcode the remote we use in the Gemfile to the public remote with the token, or update the security sources handling to only prepend the token for custom sources that have actually defined a security remote.