The latest 'lcitool' now generates the CI config in a way which allows users to kick off pipelines with the upstream projects container environment rather than building a throwaway updated environment each time and enables a gitlab feature to time individual script lines. Pull it into libvirt. Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> --- ci/gitlab.yml | 7 +++++++ ci/gitlab/build-templates.yml | 31 ++++++++++++++++++++++++++++++- ci/gitlab/sanity-checks.yml | 4 +++- 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/ci/gitlab.yml b/ci/gitlab.yml index 3866dcf545..7bb68b848c 100644 --- a/ci/gitlab.yml +++ b/ci/gitlab.yml @@ -14,6 +14,12 @@ # created/updated. Setting this variable to a non-empty # value allows CI testing prior to opening a merge request. # +# - RUN_PIPELINE_UPSTREAM_ENV - same semantics as RUN_PIPELINE, +# but uses the CI environment (containers) from the upstream project +# rather than creating and updating a throwaway environment +# Should not be used if the pushed branch includes CI container +# changes. +# # - RUN_CONTAINER_BUILDS - CI pipelines in upstream only # publish containers if CI file changes are detected. # Setting this variable to a non-empty value will force @@ -44,6 +50,7 @@ variables: RUN_UPSTREAM_NAMESPACE: libvirt + FF_SCRIPT_SECTIONS: 1 workflow: diff --git a/ci/gitlab/build-templates.yml b/ci/gitlab/build-templates.yml index 445bfa63eb..82ddd2c650 100644 --- a/ci/gitlab/build-templates.yml +++ b/ci/gitlab/build-templates.yml @@ -37,6 +37,13 @@ - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' when: on_success + # forks: pushes to a branch when a pipeline run in upstream env is explicitly requested + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL' + when: manual + allow_failure: true + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV' + when: on_success + # upstream: other web/api/scheduled pipelines targeting the default branch - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL' when: manual @@ -75,6 +82,11 @@ - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' when: on_success + # forks: avoid build in local env when job requests run in upstream containers + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV' + when: never + + # forks: pushes to branches with pipeline requested - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL' when: manual allow_failure: true @@ -151,6 +163,13 @@ - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' when: on_success + # forks: pushes to a branch when a pipeline run in upstream env is explicitly requested + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL' + when: manual + allow_failure: true + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV' + when: on_success + # upstream: other web/api/scheduled pipelines targeting the default branch - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL' when: manual @@ -189,6 +208,11 @@ - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH' when: on_success + # forks: avoid build in local env when job requests run in upstream containers + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV' + when: never + + # forks: pushes to branches with pipeline requested - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL' when: manual allow_failure: true @@ -272,12 +296,17 @@ - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push"' when: on_success - # forks: pushes to branches with pipeline requested + # forks: pushes to branches with pipeline requested (including pipeline in upstream environment) - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL' when: manual allow_failure: true - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE' when: on_success + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL' + when: manual + allow_failure: true + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV' + when: on_success # upstream+forks: Run pipelines on MR, web, api & scheduled - if: '$CI_PIPELINE_SOURCE =~ /(web|api|schedule|merge_request_event)/ && $JOB_OPTIONAL' diff --git a/ci/gitlab/sanity-checks.yml b/ci/gitlab/sanity-checks.yml index 4e33b2dfe3..d2b1768e26 100644 --- a/ci/gitlab/sanity-checks.yml +++ b/ci/gitlab/sanity-checks.yml @@ -17,9 +17,11 @@ check-dco: - if: '$CI_PIPELINE_SOURCE =~ "merge_request_event"' when: on_success - # forks: pushes to branches with pipeline requested + # forks: pushes to branches with pipeline requested (including upstream env pipelines) - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE' when: on_success + - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE_UPSTREAM_ENV' + when: on_success # upstream+forks: that's all folks - when: never -- 2.39.2