diff options
Diffstat (limited to '.gitlab/ci/rules.gitlab-ci.yml')
-rw-r--r-- | .gitlab/ci/rules.gitlab-ci.yml | 148 |
1 files changed, 95 insertions, 53 deletions
diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 9dc2f5eff23..afe900f39a6 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -31,11 +31,14 @@ .if-merge-request: &if-merge-request if: '$CI_MERGE_REQUEST_IID' +# Once https://gitlab.com/gitlab-org/gitlab/-/issues/373904 is implemented, we should be able to change this back to +# if: '$CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_APPROVALS_COUNT > 0' +# or any similar condition to check that the MR has *any* approval (not just required approval). .if-merge-request-approved: &if-merge-request-approved - if: '$CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_APPROVED' + if: '$CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_LABELS =~ /pipeline:run-full-rspec/' .if-merge-request-not-approved: &if-merge-request-not-approved - if: '$CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_APPROVED != "true"' + if: '$CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_LABELS !~ /pipeline:run-full-rspec/' .if-automated-merge-request: &if-automated-merge-request if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == "release-tools/update-gitaly" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /stable-ee$/' @@ -70,9 +73,6 @@ .if-merge-request-labels-skip-undercoverage: &if-merge-request-labels-skip-undercoverage if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-undercoverage/' -.if-merge-request-labels-community-contribution: &if-merge-request-labels-community-contribution - if: '$CI_MERGE_REQUEST_LABELS =~ /Community contribution/' - .if-merge-request-labels-jh-contribution: &if-merge-request-labels-jh-contribution if: '$CI_MERGE_REQUEST_LABELS =~ /JiHu contribution/' @@ -130,6 +130,9 @@ .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG' +.if-ruby3-branch: &if-ruby3-branch + if: '$CI_COMMIT_BRANCH == "ruby3"' + # For Security merge requests, the gitlab-release-tools-bot triggers a new # pipeline for the "Pipelines for merged results" feature. If the pipeline # fails, we notify release managers. @@ -179,6 +182,7 @@ - "GITLAB_WORKHORSE_VERSION" - "workhorse/**/*" - ".gitlab/ci/workhorse.gitlab-ci.yml" + - "spec/support/gitlab-git-test.git/**/*" .yaml-lint-patterns: &yaml-lint-patterns - "*.yml" @@ -246,8 +250,21 @@ - "babel.config.js" - "config/webpack.config.js" - "config/**/*.js" + - "{,ee/,jh/}app/assets/**/*" - "vendor/assets/**/*" + +# This list should match the list in Tasks::Gitlab::Assets.assets_impacting_compilation +.assets-compilation-patterns: &assets-compilation-patterns + - "{package.json,yarn.lock}" + - ".browserslistrc" + - "babel.config.js" + - "config/webpack.config.js" + - "*.js" + - "config/**/*.js" + - "locale/**/gitlab.po" - "{,ee/,jh/}app/assets/**/*" + - "fixtures/emojis/**/*" + - "vendor/assets/**/*" .frontend-patterns-for-as-if-foss: &frontend-patterns-for-as-if-foss - "{package.json,yarn.lock}" @@ -516,7 +533,7 @@ - "vendor/assets/javascripts/**/*" .feature-flag-development-config-patterns: &feature-flag-development-config-patterns - - "{,ee/}config/feature_flags/{development,ops}/*.yml" + - "{,ee/,jh/}config/feature_flags/{development,ops}/*.yml" ################## # Conditions set # @@ -532,9 +549,6 @@ rules: - <<: *if-merge-request-approved when: never - # Temporarily disabled minimal rspec jobs before and after approval because of https://gitlab.com/gitlab-org/gitlab/-/issues/373064. - - <<: *if-merge-request-not-approved - when: never - <<: *if-automated-merge-request when: never - <<: *if-security-merge-request @@ -550,12 +564,12 @@ - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns - - <<: *if-merge-request - changes: *ci-patterns - <<: *if-automated-merge-request changes: *backend-patterns - <<: *if-security-merge-request changes: *backend-patterns + - <<: *if-merge-request-not-approved + when: never .rails:rules:as-if-foss-migration-unit-integration:minimal-default-rules: rules: @@ -579,12 +593,12 @@ changes: *core-backend-patterns - <<: *if-merge-request changes: *workhorse-patterns - - <<: *if-merge-request - changes: *ci-patterns - <<: *if-automated-merge-request changes: *code-backstage-patterns - <<: *if-security-merge-request changes: *code-backstage-patterns + - <<: *if-merge-request-not-approved + when: never .rails:rules:system:minimal-default-rules: rules: @@ -629,8 +643,6 @@ ###################### .build-images:rules:build-qa-image: rules: - - <<: *if-not-ee - when: never - <<: *if-not-canonical-namespace when: never - <<: *if-merge-request-targeting-stable-branch @@ -643,6 +655,7 @@ - <<: *if-default-branch-or-tag - <<: *if-dot-com-gitlab-org-schedule - <<: *if-force-ci + - <<: *if-ruby3-branch .build-images:rules:build-assets-image: rules: @@ -651,9 +664,60 @@ - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-auto-deploy-branches + - <<: *if-ruby3-branch - changes: *ci-build-images-patterns - changes: *code-qa-patterns +################# +# Caching rules # +################# +.caching:rules:cache-workhorse: + rules: + # That would run for any project that has a "maintenance" pipeline schedule + # but in fact, the cache package is only uploaded for gitlab.com/gitlab-org/gitlab and jihulab.com/gitlab-cn/gitlab + - <<: *if-default-branch-schedule-maintenance + - <<: *if-dot-com-gitlab-org-default-branch + changes: ["workhorse/**/*"] + - <<: *if-dot-com-gitlab-org-merge-request + changes: + - ".gitlab/ci/caching.gitlab-ci.yml" + - "scripts/gitlab_component_helpers.sh" + when: manual + allow_failure: true + +.caching:rules:cache-assets: + rules: + # The new strategy to cache assets as generic packages is experimental and can be disabled by removing the `CACHE_ASSETS_AS_PACKAGE` variable + - if: '$CACHE_ASSETS_AS_PACKAGE != "true"' + when: never + # That would run for any project that has a "maintenance" pipeline schedule + # but in fact, the cache package is only uploaded for gitlab.com/gitlab-org/gitlab and jihulab.com/gitlab-cn/gitlab + - <<: *if-default-branch-schedule-maintenance + - <<: *if-dot-com-gitlab-org-default-branch + changes: *assets-compilation-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: + - ".gitlab/ci/caching.gitlab-ci.yml" + - "scripts/gitlab_component_helpers.sh" + - "lib/tasks/gitlab/assets.rake" + when: manual + allow_failure: true + +.caching:rules:packages-cleanup: + rules: + # The new strategy to cache assets as generic packages is experimental and can be disabled by removing the `CACHE_ASSETS_AS_PACKAGE` variable + - if: '$CACHE_ASSETS_AS_PACKAGE != "true"' + when: never + # That would run for any project that has a "maintenance" pipeline schedule + # but in fact, the cache package is only uploaded for gitlab.com/gitlab-org/gitlab and jihulab.com/gitlab-cn/gitlab + - <<: *if-default-branch-schedule-maintenance + - <<: *if-dot-com-gitlab-org-merge-request + changes: + - ".gitlab/ci/caching.gitlab-ci.yml" + - "scripts/packages/automated_cleanup.rb" + when: manual + allow_failure: true + ###################### # CI Templates Rules # ###################### @@ -768,8 +832,6 @@ - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *startup-css-patterns - - <<: *if-merge-request - changes: *ci-patterns .frontend:rules:frontend_fixture-as-if-foss: rules: @@ -906,8 +968,6 @@ changes: *code-qa-patterns - <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-run-all-rspec - - <<: *if-merge-request - changes: *ci-patterns .qa:rules:internal-as-if-foss: rules: @@ -928,6 +988,7 @@ allow_failure: true - <<: *if-force-ci allow_failure: true + - <<: *if-ruby3-branch .qa:rules:package-and-test: rules: @@ -939,6 +1000,8 @@ when: never - <<: *if-merge-request-targeting-stable-branch allow_failure: true + - <<: *if-ruby3-branch + allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e changes: *feature-flag-development-config-patterns when: manual @@ -975,16 +1038,6 @@ ############### # Rails rules # ############### -.rails:rules:build-components: - rules: - - <<: *if-dot-com-ee-schedule - - <<: *if-dot-com-gitlab-org-default-branch - changes: - - "workhorse/**/*" - - <<: *if-dot-com-gitlab-org-merge-request - when: manual - allow_failure: true - .rails:rules:setup-test-env: rules: - changes: *setup-test-env-patterns @@ -1009,8 +1062,6 @@ - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns - - <<: *if-merge-request - changes: *ci-patterns # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - <<: *if-merge-request @@ -1019,6 +1070,8 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns + - <<: *if-merge-request-not-approved + when: never - changes: *db-patterns .rails:rules:ee-and-foss-migration:minimal: @@ -1112,8 +1165,6 @@ - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns - - <<: *if-merge-request - changes: *ci-patterns # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - <<: *if-merge-request @@ -1122,6 +1173,8 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns + - <<: *if-merge-request-not-approved + when: never - changes: *db-patterns .rails:rules:ee-only-migration:minimal: @@ -1201,8 +1254,6 @@ - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns - - <<: *if-merge-request - changes: *ci-patterns # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - <<: *if-merge-request-labels-as-if-foss @@ -1211,6 +1262,8 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns + - <<: *if-merge-request-not-approved + when: never .rails:rules:as-if-foss-migration:minimal: rules: @@ -1416,9 +1469,6 @@ - if: '$SKIP_FLAKY_TESTS_AUTOMATICALLY == "true" || $RETRY_FAILED_TESTS_IN_NEW_PROCESS == "true"' changes: *code-backstage-patterns when: always - - if: '$SKIP_FLAKY_TESTS_AUTOMATICALLY == "true" || $RETRY_FAILED_TESTS_IN_NEW_PROCESS == "true"' - changes: *ci-patterns - when: always ######################### # Static analysis rules # @@ -1482,6 +1532,12 @@ changes: ["vendor/gems/mail-smtp_pool/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:attr_encrypted: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/attr_encrypted/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:microsoft_graph_mailer: rules: - <<: *if-merge-request @@ -1518,12 +1574,6 @@ changes: ["vendor/gems/omniauth-gitlab/**/*"] - <<: *if-merge-request-labels-run-all-rspec -.vendor:rules:omniauth-google-oauth2: - rules: - - <<: *if-merge-request - changes: ["vendor/gems/omniauth-google-oauth2/**/*"] - - <<: *if-merge-request-labels-run-all-rspec - .vendor:rules:omniauth-salesforce: rules: - <<: *if-merge-request @@ -1660,7 +1710,7 @@ rules: - if: '$LICENSE_MANAGEMENT_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' when: never - - changes: *code-backstage-qa-patterns + - changes: *dependency-patterns ################ # Review rules # @@ -1783,14 +1833,6 @@ - <<: *if-merge-request changes: *danger-patterns -.review:rules:reviewers-recommender: - rules: - - <<: *if-not-canonical-namespace - when: never - - <<: *if-merge-request-labels-community-contribution - when: never - - <<: *if-merge-request - ############### # Setup rules # ############### |