Commit 5c63dec4 authored by Rémy Coutable's avatar Rémy Coutable

ci: Always run full pipelines in security MRs

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent 113dc497
...@@ -648,6 +648,8 @@ ...@@ -648,6 +648,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *code-backstage-patterns changes: *code-backstage-patterns
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-default-refs - <<: *if-default-refs
changes: *backend-patterns changes: *backend-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
...@@ -661,6 +663,8 @@ ...@@ -661,6 +663,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-jest - <<: *if-merge-request-labels-run-all-jest
when: never when: never
- <<: *if-default-refs - <<: *if-default-refs
...@@ -815,6 +819,8 @@ ...@@ -815,6 +819,8 @@
changes: *db-patterns changes: *db-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *db-patterns changes: *db-patterns
- <<: *if-security-merge-request
changes: *db-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *db-patterns - changes: *db-patterns
...@@ -825,6 +831,8 @@ ...@@ -825,6 +831,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -860,6 +868,8 @@ ...@@ -860,6 +868,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *backend-patterns - changes: *backend-patterns
...@@ -870,6 +880,8 @@ ...@@ -870,6 +880,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -890,6 +902,8 @@ ...@@ -890,6 +902,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *backend-patterns - changes: *backend-patterns
...@@ -900,6 +914,8 @@ ...@@ -900,6 +914,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -920,6 +936,8 @@ ...@@ -920,6 +936,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *code-backstage-patterns changes: *code-backstage-patterns
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *code-backstage-patterns - changes: *code-backstage-patterns
...@@ -930,6 +948,8 @@ ...@@ -930,6 +948,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -950,6 +970,8 @@ ...@@ -950,6 +970,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: ["config/**/*"] changes: ["config/**/*"]
- <<: *if-security-merge-request
changes: ["config/**/*"]
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: ["config/**/*"] - changes: ["config/**/*"]
...@@ -960,6 +982,8 @@ ...@@ -960,6 +982,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -989,6 +1013,8 @@ ...@@ -989,6 +1013,8 @@
changes: *db-patterns changes: *db-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *db-patterns changes: *db-patterns
- <<: *if-security-merge-request
changes: *db-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *db-patterns - changes: *db-patterns
...@@ -1001,6 +1027,8 @@ ...@@ -1001,6 +1027,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -1024,6 +1052,8 @@ ...@@ -1024,6 +1052,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *backend-patterns - changes: *backend-patterns
...@@ -1036,6 +1066,8 @@ ...@@ -1036,6 +1066,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -1058,6 +1090,8 @@ ...@@ -1058,6 +1090,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *backend-patterns - changes: *backend-patterns
...@@ -1070,6 +1104,8 @@ ...@@ -1070,6 +1104,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -1092,6 +1128,8 @@ ...@@ -1092,6 +1128,8 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *code-backstage-patterns changes: *code-backstage-patterns
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
- changes: *code-backstage-patterns - changes: *code-backstage-patterns
...@@ -1104,6 +1142,8 @@ ...@@ -1104,6 +1142,8 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request-labels-run-all-rspec
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
...@@ -1130,6 +1170,8 @@ ...@@ -1130,6 +1170,8 @@
changes: *db-patterns changes: *db-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *db-patterns changes: *db-patterns
- <<: *if-security-merge-request
changes: *db-patterns
- <<: *if-merge-request-not-approved - <<: *if-merge-request-not-approved
when: never when: never
...@@ -1141,15 +1183,14 @@ ...@@ -1141,15 +1183,14 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *core-backend-patterns changes: *core-backend-patterns
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *ci-patterns changes: *ci-patterns
when: never when: never
- <<: *if-security-merge-request
changes: *db-patterns
when: never
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *db-patterns changes: *db-patterns
when: never when: never
...@@ -1165,10 +1206,10 @@ ...@@ -1165,10 +1206,10 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-security-merge-request - <<: *if-security-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns changes: *backend-patterns
...@@ -1180,14 +1221,14 @@ ...@@ -1180,14 +1221,14 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *core-backend-patterns changes: *core-backend-patterns
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *ci-patterns changes: *ci-patterns
when: never when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns changes: *backend-patterns
...@@ -1202,10 +1243,10 @@ ...@@ -1202,10 +1243,10 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-security-merge-request - <<: *if-security-merge-request
changes: *backend-patterns changes: *backend-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns changes: *backend-patterns
...@@ -1217,14 +1258,14 @@ ...@@ -1217,14 +1258,14 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *core-backend-patterns changes: *core-backend-patterns
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *ci-patterns changes: *ci-patterns
when: never when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns changes: *backend-patterns
...@@ -1239,10 +1280,10 @@ ...@@ -1239,10 +1280,10 @@
changes: *ci-patterns changes: *ci-patterns
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
changes: *code-backstage-patterns changes: *code-backstage-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-security-merge-request - <<: *if-security-merge-request
changes: *code-backstage-patterns changes: *code-backstage-patterns
- <<: *if-merge-request-not-approved
when: never
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *code-backstage-patterns changes: *code-backstage-patterns
...@@ -1254,14 +1295,14 @@ ...@@ -1254,14 +1295,14 @@
when: never when: never
- <<: *if-automated-merge-request - <<: *if-automated-merge-request
when: never when: never
- <<: *if-security-merge-request
when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *core-backend-patterns changes: *core-backend-patterns
when: never when: never
- <<: *if-merge-request - <<: *if-merge-request
changes: *ci-patterns changes: *ci-patterns
when: never when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request-labels-as-if-foss
changes: *code-backstage-patterns changes: *code-backstage-patterns
......
...@@ -68,6 +68,7 @@ In addition, there are a few circumstances where we would always run the full RS ...@@ -68,6 +68,7 @@ In addition, there are a few circumstances where we would always run the full RS
- when the `pipeline:run-all-rspec` label is set on the merge request - when the `pipeline:run-all-rspec` label is set on the merge request
- when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch) - when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
- when the merge request is created in a security mirror
- when any CI config file is changed (i.e. `.gitlab-ci.yml` or `.gitlab/ci/**/*`) - when any CI config file is changed (i.e. `.gitlab-ci.yml` or `.gitlab/ci/**/*`)
### Jest minimal jobs ### Jest minimal jobs
...@@ -83,6 +84,7 @@ In addition, there are a few circumstances where we would always run the full Je ...@@ -83,6 +84,7 @@ In addition, there are a few circumstances where we would always run the full Je
- when the `pipeline:run-all-jest` label is set on the merge request - when the `pipeline:run-all-jest` label is set on the merge request
- when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch) - when the merge request is created by an automation (e.g. Gitaly update or MR targeting a stable branch)
- when the merge request is created in a security mirror
- when any CI config file is changed (i.e. `.gitlab-ci.yml` or `.gitlab/ci/**/*`) - when any CI config file is changed (i.e. `.gitlab-ci.yml` or `.gitlab/ci/**/*`)
- when any frontend "core" file is changed (i.e. `package.json`, `yarn.lock`, `babel.config.js`, `jest.config.*.js`, `config/helpers/**/*.js`) - when any frontend "core" file is changed (i.e. `package.json`, `yarn.lock`, `babel.config.js`, `jest.config.*.js`, `config/helpers/**/*.js`)
- when any vendored JavaScript file is changed (i.e. `vendor/assets/javascripts/**/*`) - when any vendored JavaScript file is changed (i.e. `vendor/assets/javascripts/**/*`)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment