Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
5c63dec4
Commit
5c63dec4
authored
Dec 06, 2021
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ci: Always run full pipelines in security MRs
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
113dc497
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
58 additions
and
15 deletions
+58
-15
.gitlab/ci/rules.gitlab-ci.yml
.gitlab/ci/rules.gitlab-ci.yml
+56
-15
doc/development/pipelines.md
doc/development/pipelines.md
+2
-0
No files found.
.gitlab/ci/rules.gitlab-ci.yml
View file @
5c63dec4
...
@@ -648,6 +648,8 @@
...
@@ -648,6 +648,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
-
<<
:
*if-security-merge-request
changes
:
*code-backstage-patterns
-
<<
:
*if-default-refs
-
<<
:
*if-default-refs
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
...
@@ -661,6 +663,8 @@
...
@@ -661,6 +663,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-jest
-
<<
:
*if-merge-request-labels-run-all-jest
when
:
never
when
:
never
-
<<
:
*if-default-refs
-
<<
:
*if-default-refs
...
@@ -815,6 +819,8 @@
...
@@ -815,6 +819,8 @@
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-security-merge-request
changes
:
*db-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*db-patterns
-
changes
:
*db-patterns
...
@@ -825,6 +831,8 @@
...
@@ -825,6 +831,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -860,6 +868,8 @@
...
@@ -860,6 +868,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*backend-patterns
-
changes
:
*backend-patterns
...
@@ -870,6 +880,8 @@
...
@@ -870,6 +880,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -890,6 +902,8 @@
...
@@ -890,6 +902,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*backend-patterns
-
changes
:
*backend-patterns
...
@@ -900,6 +914,8 @@
...
@@ -900,6 +914,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -920,6 +936,8 @@
...
@@ -920,6 +936,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
-
<<
:
*if-security-merge-request
changes
:
*code-backstage-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*code-backstage-patterns
-
changes
:
*code-backstage-patterns
...
@@ -930,6 +948,8 @@
...
@@ -930,6 +948,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -950,6 +970,8 @@
...
@@ -950,6 +970,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
[
"
config/**/*"
]
changes
:
[
"
config/**/*"
]
-
<<
:
*if-security-merge-request
changes
:
[
"
config/**/*"
]
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
[
"
config/**/*"
]
-
changes
:
[
"
config/**/*"
]
...
@@ -960,6 +982,8 @@
...
@@ -960,6 +982,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -989,6 +1013,8 @@
...
@@ -989,6 +1013,8 @@
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-security-merge-request
changes
:
*db-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*db-patterns
-
changes
:
*db-patterns
...
@@ -1001,6 +1027,8 @@
...
@@ -1001,6 +1027,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -1024,6 +1052,8 @@
...
@@ -1024,6 +1052,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*backend-patterns
-
changes
:
*backend-patterns
...
@@ -1036,6 +1066,8 @@
...
@@ -1036,6 +1066,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -1058,6 +1090,8 @@
...
@@ -1058,6 +1090,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*backend-patterns
-
changes
:
*backend-patterns
...
@@ -1070,6 +1104,8 @@
...
@@ -1070,6 +1104,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -1092,6 +1128,8 @@
...
@@ -1092,6 +1128,8 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
-
<<
:
*if-security-merge-request
changes
:
*code-backstage-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
-
changes
:
*code-backstage-patterns
-
changes
:
*code-backstage-patterns
...
@@ -1104,6 +1142,8 @@
...
@@ -1104,6 +1142,8 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request-labels-run-all-rspec
-
<<
:
*if-merge-request-labels-run-all-rspec
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
...
@@ -1130,6 +1170,8 @@
...
@@ -1130,6 +1170,8 @@
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*db-patterns
changes
:
*db-patterns
-
<<
:
*if-security-merge-request
changes
:
*db-patterns
-
<<
:
*if-merge-request-not-approved
-
<<
:
*if-merge-request-not-approved
when
:
never
when
:
never
...
@@ -1141,15 +1183,14 @@
...
@@ -1141,15 +1183,14 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*core-backend-patterns
changes
:
*core-backend-patterns
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*ci-patterns
changes
:
*ci-patterns
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
changes
:
*db-patterns
when
:
never
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*db-patterns
changes
:
*db-patterns
when
:
never
when
:
never
...
@@ -1165,10 +1206,10 @@
...
@@ -1165,10 +1206,10 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-security-merge-request
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*backend-patterns
changes
:
*backend-patterns
...
@@ -1180,14 +1221,14 @@
...
@@ -1180,14 +1221,14 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*core-backend-patterns
changes
:
*core-backend-patterns
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*ci-patterns
changes
:
*ci-patterns
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*backend-patterns
changes
:
*backend-patterns
...
@@ -1202,10 +1243,10 @@
...
@@ -1202,10 +1243,10 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-security-merge-request
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
changes
:
*backend-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*backend-patterns
changes
:
*backend-patterns
...
@@ -1217,14 +1258,14 @@
...
@@ -1217,14 +1258,14 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*core-backend-patterns
changes
:
*core-backend-patterns
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*ci-patterns
changes
:
*ci-patterns
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
changes
:
*backend-patterns
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*backend-patterns
changes
:
*backend-patterns
...
@@ -1239,10 +1280,10 @@
...
@@ -1239,10 +1280,10 @@
changes
:
*ci-patterns
changes
:
*ci-patterns
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-security-merge-request
-
<<
:
*if-security-merge-request
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
-
<<
:
*if-merge-request-not-approved
when
:
never
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
...
@@ -1254,14 +1295,14 @@
...
@@ -1254,14 +1295,14 @@
when
:
never
when
:
never
-
<<
:
*if-automated-merge-request
-
<<
:
*if-automated-merge-request
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*core-backend-patterns
changes
:
*core-backend-patterns
when
:
never
when
:
never
-
<<
:
*if-merge-request
-
<<
:
*if-merge-request
changes
:
*ci-patterns
changes
:
*ci-patterns
when
:
never
when
:
never
-
<<
:
*if-security-merge-request
changes
:
*code-backstage-patterns
-
<<
:
*if-merge-request-labels-as-if-foss
-
<<
:
*if-merge-request-labels-as-if-foss
changes
:
*code-backstage-patterns
changes
:
*code-backstage-patterns
...
...
doc/development/pipelines.md
View file @
5c63dec4
...
@@ -68,6 +68,7 @@ In addition, there are a few circumstances where we would always run the full RS
...
@@ -68,6 +68,7 @@ In addition, there are a few circumstances where we would always run the full RS
-
when the
`pipeline:run-all-rspec`
label is set on the merge request
-
when the
`pipeline:run-all-rspec`
label is set on the merge request
-
when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
-
when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
-
when the merge request is created in a security mirror
-
when any CI config file is changed (i.e.
`.gitlab-ci.yml`
or
`.gitlab/ci/**/*`
)
-
when any CI config file is changed (i.e.
`.gitlab-ci.yml`
or
`.gitlab/ci/**/*`
)
### Jest minimal jobs
### Jest minimal jobs
...
@@ -83,6 +84,7 @@ In addition, there are a few circumstances where we would always run the full Je
...
@@ -83,6 +84,7 @@ In addition, there are a few circumstances where we would always run the full Je
-
when the
`pipeline:run-all-jest`
label is set on the merge request
-
when the
`pipeline:run-all-jest`
label is set on the merge request
-
when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
-
when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
-
when the merge request is created in a security mirror
-
when any CI config file is changed (i.e.
`.gitlab-ci.yml`
or
`.gitlab/ci/**/*`
)
-
when any CI config file is changed (i.e.
`.gitlab-ci.yml`
or
`.gitlab/ci/**/*`
)
-
when any frontend "core" file is changed (i.e.
`package.json`
,
`yarn.lock`
,
`babel.config.js`
,
`jest.config.*.js`
,
`config/helpers/**/*.js`
)
-
when any frontend "core" file is changed (i.e.
`package.json`
,
`yarn.lock`
,
`babel.config.js`
,
`jest.config.*.js`
,
`config/helpers/**/*.js`
)
-
when any vendored JavaScript file is changed (i.e.
`vendor/assets/javascripts/**/*`
)
-
when any vendored JavaScript file is changed (i.e.
`vendor/assets/javascripts/**/*`
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment