| Message ID | 20230517135448.262483-4-berrange@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | gitlab: improvements to handling of stable staging branches | expand |
17.05.2023 16:54, Daniel P. Berrangé wrote: > If the stable staging branches publish containers under the 'latest' tag > they will clash with containers published on the primary staging branch, > as well as with each other. This introduces logic that overrides the > container tag when jobs run against the stable staging branches. > > The CI_COMMIT_REF_SLUG variable we use expands to the git branch name, > but with most special characters removed, such that it is valid as a > docker tag name. eg 'staging-8.0' will get a slug of 'staging-8-0' > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > .gitlab-ci.d/base.yml | 24 ++++++++++++++++++++++-- > 1 file changed, 22 insertions(+), 2 deletions(-) > > diff --git a/.gitlab-ci.d/base.yml b/.gitlab-ci.d/base.yml > index a1d734267a..f379c182a7 100644 > --- a/.gitlab-ci.d/base.yml > +++ b/.gitlab-ci.d/base.yml > @@ -1,7 +1,7 @@ > > variables: > - # On stable branches this needs changing. Should also be > - # overridden per pipeline if running pipelines concurrently > + # On stable branches this is changed by later rules. Should also > + # be overridden per pipeline if running pipelines concurrently > # for different branches in contributor forks. > QEMU_CI_CONTAINER_TAG: latest > > @@ -16,6 +16,9 @@ variables: > # Thus we group them into a number of stages, ordered from > # most restrictive to least restrictive > # > +# For pipelines running for stable "staging-X.Y" branches > +# we must override QEMU_CI_CONTAINER_TAG > +# > .base_job_template: > variables: > # Each script line from will be in a collapsible section in the job output > @@ -61,11 +64,23 @@ variables: > ############################################################# > > # Optional jobs should not be run unless manually triggered > + - if: '$QEMU_JOB_OPTIONAL && $CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_BRANCH =~ /staging-[[:digit:]]+\.[[:digit:]]/' > + when: manual > + allow_failure: true > + variables: > + QEMU_CI_CONTAINER_TAG: $CI_COMMIT_REF_SLUG Here, it somehow feels better to use $CI_COMMIT_BRANCH instead of $CI_COMMIT_REF_SLUG. I know little about gitlab CI. It is REF_SLUG like a hashed value of COMMIT_BRANCH? Other than that (here and below), Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> /mjt
On Wed, May 17, 2023 at 06:26:56PM +0300, Michael Tokarev wrote: > 17.05.2023 16:54, Daniel P. Berrangé wrote: > > If the stable staging branches publish containers under the 'latest' tag > > they will clash with containers published on the primary staging branch, > > as well as with each other. This introduces logic that overrides the > > container tag when jobs run against the stable staging branches. > > > > The CI_COMMIT_REF_SLUG variable we use expands to the git branch name, > > but with most special characters removed, such that it is valid as a > > docker tag name. eg 'staging-8.0' will get a slug of 'staging-8-0' > > > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > > --- > > .gitlab-ci.d/base.yml | 24 ++++++++++++++++++++++-- > > 1 file changed, 22 insertions(+), 2 deletions(-) > > > > diff --git a/.gitlab-ci.d/base.yml b/.gitlab-ci.d/base.yml > > index a1d734267a..f379c182a7 100644 > > --- a/.gitlab-ci.d/base.yml > > +++ b/.gitlab-ci.d/base.yml > > @@ -1,7 +1,7 @@ > > variables: > > - # On stable branches this needs changing. Should also be > > - # overridden per pipeline if running pipelines concurrently > > + # On stable branches this is changed by later rules. Should also > > + # be overridden per pipeline if running pipelines concurrently > > # for different branches in contributor forks. > > QEMU_CI_CONTAINER_TAG: latest > > @@ -16,6 +16,9 @@ variables: > > # Thus we group them into a number of stages, ordered from > > # most restrictive to least restrictive > > # > > +# For pipelines running for stable "staging-X.Y" branches > > +# we must override QEMU_CI_CONTAINER_TAG > > +# > > .base_job_template: > > variables: > > # Each script line from will be in a collapsible section in the job output > > @@ -61,11 +64,23 @@ variables: > > ############################################################# > > # Optional jobs should not be run unless manually triggered > > + - if: '$QEMU_JOB_OPTIONAL && $CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_BRANCH =~ /staging-[[:digit:]]+\.[[:digit:]]/' > > + when: manual > > + allow_failure: true > > + variables: > > + QEMU_CI_CONTAINER_TAG: $CI_COMMIT_REF_SLUG > > Here, it somehow feels better to use $CI_COMMIT_BRANCH instead of $CI_COMMIT_REF_SLUG. > I know little about gitlab CI. It is REF_SLUG like a hashed value of COMMIT_BRANCH? The git branch / tag name can contain characters that are not permitted for docker tag names. The CI_COMMIT_REF_SLUG is CI_COMMIT_BRANCH but with everything except 0-9 and a-z replaced with -, making it safe for use as a docker tag [1]. With regards, Daniel [1] https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
diff --git a/.gitlab-ci.d/base.yml b/.gitlab-ci.d/base.yml index a1d734267a..f379c182a7 100644 --- a/.gitlab-ci.d/base.yml +++ b/.gitlab-ci.d/base.yml @@ -1,7 +1,7 @@ variables: - # On stable branches this needs changing. Should also be - # overridden per pipeline if running pipelines concurrently + # On stable branches this is changed by later rules. Should also + # be overridden per pipeline if running pipelines concurrently # for different branches in contributor forks. QEMU_CI_CONTAINER_TAG: latest @@ -16,6 +16,9 @@ variables: # Thus we group them into a number of stages, ordered from # most restrictive to least restrictive # +# For pipelines running for stable "staging-X.Y" branches +# we must override QEMU_CI_CONTAINER_TAG +# .base_job_template: variables: # Each script line from will be in a collapsible section in the job output @@ -61,11 +64,23 @@ variables: ############################################################# # Optional jobs should not be run unless manually triggered + - if: '$QEMU_JOB_OPTIONAL && $CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_BRANCH =~ /staging-[[:digit:]]+\.[[:digit:]]/' + when: manual + allow_failure: true + variables: + QEMU_CI_CONTAINER_TAG: $CI_COMMIT_REF_SLUG + - if: '$QEMU_JOB_OPTIONAL' when: manual allow_failure: true # Skipped jobs should not be run unless manually triggered + - if: '$QEMU_JOB_SKIPPED && $CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_BRANCH =~ /staging-[[:digit:]]+\.[[:digit:]]/' + when: manual + allow_failure: true + variables: + QEMU_CI_CONTAINER_TAG: $CI_COMMIT_REF_SLUG + - if: '$QEMU_JOB_SKIPPED' when: manual allow_failure: true @@ -87,4 +102,9 @@ variables: when: manual # Jobs can run if any jobs they depend on were successful + - if: '$QEMU_JOB_SKIPPED && $CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_BRANCH =~ /staging-[[:digit:]]+\.[[:digit:]]/' + when: on_success + variables: + QEMU_CI_CONTAINER_TAG: $CI_COMMIT_REF_SLUG + - when: on_success
If the stable staging branches publish containers under the 'latest' tag they will clash with containers published on the primary staging branch, as well as with each other. This introduces logic that overrides the container tag when jobs run against the stable staging branches. The CI_COMMIT_REF_SLUG variable we use expands to the git branch name, but with most special characters removed, such that it is valid as a docker tag name. eg 'staging-8.0' will get a slug of 'staging-8-0' Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitlab-ci.d/base.yml | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-)