curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore: Do not use gitlab merge request pipelines 

## Summary
If we define pipelines to trigger on merge requests,
they will take precedence over branch pipelines,
which is currently the way our old pipelines are still
triggered. This means that we can have a merge request
with green pipelines, but actually the external pipelines failed.
Therefore, we need to only rely on branch pipelines,
to ensure that we don't ignore the results from
external pipelines.

More information here:
- https://forum.gitlab.com/t/merge-request-considering-merge-request-pipelines-instead-of-branch-pipelines/111248/2
- https://docs.gitlab.com/17.6/ci/jobs/job_rules/#run-jobs-only-in-specific-pipeline-types
This commit is contained in:
João "Pisco" Fernandes 2025-04-30 12:01:43 +00:00
parent 10081602a4
commit bb765e741d
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
.gitlab-ci.yml
View File

@ -20,15 +20,30 @@ default:
exit 0 exit 0
fi fi
## A set of predefined rules to use on the different jobs
.default_rules:
# Rules to run the job only on the master branch
run_on_master:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
when: always
- when: never
# Rules to run the job only on branches that are not master. This is needed because for now
# we need to keep a similar behavior due to the integration with teamcity, which requires us
# to not trigger pipelines on tags and/or merge requests.
run_on_branch:
- if: $CI_COMMIT_TAG
when: never
- if: $CI_PIPELINE_SOURCE != "merge_request_event" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
when: always
- when: never
# ----------------------------------------------- # -----------------------------------------------
# Stage 1: Build on every PR # Stage 1: Build on every PR
# ----------------------------------------------- # -----------------------------------------------
build_cloudflared_macos: &build build_cloudflared_macos: &build
stage: build stage: build
rules: rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event" && $CI_COMMIT_BRANCH != "master" - !reference [.default_rules, run_on_branch]
when: always
- when: never
tags: tags:
- "macstadium-${RUNNER_ARCH}" - "macstadium-${RUNNER_ARCH}"
parallel: parallel:
@ -55,14 +70,11 @@ build_cloudflared_macos: &build
# ----------------------------------------------- # -----------------------------------------------
build_and_sign_cloudflared_macos: build_and_sign_cloudflared_macos:
<<: *build <<: *build
extends: .check_tag
rules: rules:
- if: $CI_COMMIT_BRANCH == "master" - !reference [.default_rules, run_on_master]
when: always
- when: never
secrets: secrets:
APPLE_DEV_CA_CERT: APPLE_DEV_CA_CERT:
vault: gitlab/cloudflare/tun/cloudflared/_branch/master/apple_dev_ca_cert/data@kv vault: gitlab/cloudflare/tun/cloudflared/_branch/master/apple_dev_ca_cert_v2/data@kv
file: false file: false
CFD_CODE_SIGN_CERT: CFD_CODE_SIGN_CERT:
vault: gitlab/cloudflare/tun/cloudflared/_branch/master/cfd_code_sign_cert_v2/data@kv vault: gitlab/cloudflare/tun/cloudflared/_branch/master/cfd_code_sign_cert_v2/data@kv
@ -93,9 +105,7 @@ release_cloudflared_macos_to_github:
dependencies: dependencies:
- build_and_sign_cloudflared_macos - build_and_sign_cloudflared_macos
rules: rules:
- if: $CI_COMMIT_BRANCH == "master" - !reference [.default_rules, run_on_master]
when: always
- when: never
cache: cache:
paths: paths:
- .cache/pip - .cache/pip