Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent commit when gitlab-CI pipeline fail

Is there a way to prevent a push to gitlab if the pipeline fail?

Here's a gitlab-ci.yml sample with multiple jobs. This pipeline is triggered on every push.

If one of the job failed I don't want my code to be pushed on my repository. (I know this feature exist for pull request).

image: node:9.4.0

cache:
  paths:
  - node_modules/

before_script:
  - npm install

stages:
    - lint
    - test

lint:
  stage: lint
  script:
   - npm run lint

test:
  stage: test
  script:
   - npm run test
like image 699
Simon Bruneaud Avatar asked Mar 21 '18 17:03

Simon Bruneaud


People also ask

What does it mean when pipeline failed in GitLab?

It might be a security vulnerability The code in your most recent commit could be vulnerable, or a dependency could be at risk, either of which would trigger a failed security test and thus a failed pipeline.

How do I stop a running pipeline in GitLab?

Per-project user setting To enable or disable GitLab CI/CD Pipelines in your project: Navigate to Settings > General > Visibility, project features, permissions. Expand the Repository section. Enable or disable the Pipelines toggle as required.

How do I skip ci GitLab?

Skipping jobs in a pipeline You can override this behavior by adding a [ci skip] or [skip ci] tag within the first 250 characters of the body or title of the commit. This not only skips the marked commit, but also all other commits in the push.

What is Ci_pipeline_source in GitLab?

In the gitlab documentation you find a list of predefined variables HERE, where the variable CI_PIPELINE_SOURCE is explained to have the possible values "push, web, schedule, api, external, chat, webide, merge_request_event, external_pull_request_event, parent_pipeline, trigger, or pipeline."


1 Answers

Sorry Simon - this is not how this is supposed to work. You need the stuff in the repo so the pipeline can run.

You should use a branching flow, where you only allow successful builds/merge requests to be merged against develop/master, so you don't have to care if failing code is added in the repo. Your main branches always stay clean. You can enforce this behavior by only allowing merges against develop/master (protected branches) and not allow direct pushes.

For simpler things you can use pre-commit hooks, with only allow pushing if, for example, npm run lint succeeds. But, running a whole pipeline is too much for a pre-commit-hook (it may work, but it's not best practice).

like image 200
Rufinus Avatar answered Oct 03 '22 18:10

Rufinus