I would like to add to Gitlab pipeline a stage which verifies that the person approving the MR is different from the person doing the creation/merge (for this to work, I checked the setting in Gitlab that says: "Pipelines must succeed").
stages:
- build
- package
- deploy
- quality
...
check-approval:
stage: quality
only:
- merge_request
script:
- >
author=$(curl -s --location --request POST 'https://xxxxx.com/api/graphql' --header 'Content-Type: application/json' --header "JOB-TOKEN: $CI_JOB_TOKEN" --data-raw '{"query":"query{project(fullPath: \"yyyyy/yyyyy/yyyyy\") {mergeRequest(iid:\"'$CI_MERGE_REQUEST_IID'\"){approvedBy{nodes{name}}author{name}}}}"}' | jq '.data.project.mergeRequest.author.name')
- >
approvedBy=$(curl -s --location --request POST 'https://xxxxx.com/api/graphql' --header 'Content-Type: application/json' --header "JOB-TOKEN: $CI_JOB_TOKEN" --data-raw '{"query":"query{project(fullPath: \"yyyyy/yyyyy/yyyyy\") {mergeRequest(iid:\"'$CI_MERGE_REQUEST_IID'\"){approvedBy{nodes{name}}author{name}}}}"}' | jq '.data.project.mergeRequest.approvedBy.nodes[].name')
- if [[ "$author" == "$approvedBy" ]]; then exit 1; else echo "MR can be merged"; fi
However, because I add the item only: - merge_request, there are two pipelines running (branch merge) in parallel.
My questions are:
- how can I make the branch pipeline also run in the merge pipeline?
- is there any way to only run the stage of the pipeline that gave an error?
CodePudding user response:
To avoid duplicate pipelines:
workflow:
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
- if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS'
when: never # skip branch pipelines when MR is open for this ref
- if: '$CI_COMMIT_BRANCH' # run branch pipelines if MR is not open on this ref
This way, you'll still get merge request pipelines, and also get branch pipelines, but only when an MR pipeline is not created, avoiding duplicate pipelines on MRs.
is there any way to only run the stage of the pipeline that gave an error?
You can use the "retry" button on the pipeline view, which will retry any failed jobs and allow the pipeline to progress if they succeed on retry. Already successful jobs will not be retried.