Commit b3dcb160 authored by Max Woolf's avatar Max Woolf

Prevent compliance pipelines from overwriting child pipelines

Prevents a compliance configuration from replacing a child pipeline
by not injecting the compliance configuration if downstream of
a bridge pipeline.

Changelog: fixed
EE: true
parent e67b474c
...@@ -11,6 +11,7 @@ module Gitlab ...@@ -11,6 +11,7 @@ module Gitlab
strong_memoize(:content) do strong_memoize(:content) do
next unless available? next unless available?
next unless pipeline_configuration_full_path.present? next unless pipeline_configuration_full_path.present?
next if command.bridge
path_file, path_project = pipeline_configuration_full_path.split('@', 2) path_file, path_project = pipeline_configuration_full_path.split('@', 2)
YAML.dump('include' => [{ 'project' => path_project, 'file' => path_file }]) YAML.dump('include' => [{ 'project' => path_project, 'file' => path_file }])
......
...@@ -57,6 +57,12 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do ...@@ -57,6 +57,12 @@ RSpec.describe ::Gitlab::Ci::Pipeline::Chain::Config::Content do
expect(pipeline.pipeline_config.content).to eq(content_result) expect(pipeline.pipeline_config.content).to eq(content_result)
expect(command.config_content).to eq(content_result) expect(command.config_content).to eq(content_result)
end end
context 'when pipeline is downstream of a bridge' do
let(:command) { Gitlab::Ci::Pipeline::Chain::Command.new(project: project, content: content, source: source, bridge: create(:ci_bridge)) }
it_behaves_like 'does not include compliance pipeline configuration content'
end
end end
context 'when compliance pipeline configuration is not defined' do context 'when compliance pipeline configuration is not defined' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment