Ensure fast quarantine file is periodically cleared so permanent quarantines are applied

Ensure fast quarantine file is periodically cleared so quarantines don't leak into backports AND permanent quarantines are forced to be applied.

We should have a job to clear the fast-quarantine file

Implementation notes:

  • weekly job to set FQ job to empty
  • Assign a random SET (optional)
  • Merge automatically
  • In an emergency fast quarantines can be added back in manually if required

Implementation summary:

Automatic Weekly Quarantine File Clearing

This guide sets up automatic weekly clearing of rspec/fast_quarantine-gitlab.txt.

1. Add CI Job to .gitlab-ci.yml 

stages:
  - maintenance

clear_quarantine_weekly:
  stage: maintenance
  rules:
    - if: $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "clear_quarantine"
  script:
    - git config user.name "GitLab CI Bot"
    - git config user.email "engineering-productivity+bot@gitlab.com"
    - git checkout $CI_COMMIT_REF_NAME
    - git pull origin $CI_COMMIT_REF_NAME
    # Clear the file
    - echo "" > rspec/fast_quarantine-gitlab.txt
    # Commit and push
    - |
      if git diff --quiet rspec/fast_quarantine-gitlab.txt; then
        echo "File already empty, nothing to do"
      else
        git add rspec/fast_quarantine-gitlab.txt
        git commit -m "chore: clear weekly quarantine file [skip ci]"
        git push https://oauth2:${PROJECT_ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git HEAD:$CI_COMMIT_REF_NAME
      fi
  variables:
    GIT_STRATEGY: clone

2. Create Project Access Token

  1. Navigate to Settings → Access Tokens
  2. Create a new token:
    • Name: Quarantine Clearer
    • Role: Developer or Maintainer
    • Scopes: write_repository
  3. Save the token value

3. Add Token as CI/CD Variable

  1. Navigate to Settings → CI/CD → Variables
  2. Add new variable:
    • Key: PROJECT_ACCESS_TOKEN
    • Value: Your token from step 2
    • Protected:
    • Masked:

4. Create Pipeline Schedule

  1. Navigate to CI/CD → Schedules
  2. Click New schedule
  3. Configure:
    • Description: Clear quarantine file weekly
    • Interval pattern: 0 0 * * 1 (every Monday at midnight)
    • Target branch: main
    • Variable: SCHEDULE_TYPE = clear_quarantine
    • Activated:
  4. Save the schedule

Result

Every Monday at midnight, the quarantine file will be automatically cleared and committed directly to the main branch with the commit message "chore: clear weekly quarantine file [skip ci]".

Edited by Jay McCure