Backend: Compliance framework pipelines can not include project prefill variables

Summary

According to the documentation, when you add

include:  # Execute individual project's configuration (if project contains .gitlab-ci.yml)
  project: '$CI_PROJECT_PATH'
  file: '$CI_CONFIG_PATH'
  ref: '$CI_COMMIT_REF_NAME' # Must be defined or MR pipelines always use the default branch

into the compliance framework pipeline, you include the project configuration.

However, it does not work with the prefill-variables feature.

Steps to reproduce

  1. Create a group with the "premium" feature (my-group).
  2. Create my-group/project-1.
  3. Create my-group/project-2.
  4. In my-group/project-1, add this example .gitlab-ci.yml;
include:
  project: '$CI_PROJECT_PATH'
  file: '$CI_CONFIG_PATH'
  ref: '$CI_COMMIT_REF_NAME'

test1:
  script: exit 0
  5. In my-group/project-2, add this example .gitlab-ci.yml;
variables:
  VARY:
    description: this is var Y

test2:
  script: exit 0
  6. In my-group, add a new compliance framework with the my-group/project-1 config;

  7. In my-group/project-2, use this new compliance framework;

  8. Go to the "Run pipeline" on my-group/project-2;

  9. Result

What is the current bug behavior?

Prefill variables are not visible on the "Run pipeline" on my-group/project-2.

What is the expected correct behavior?

Prefill variables should be visible on the "Run pipeline" on my-group/project-2.

Technical explanation

The problem here is the CI_COMMIT_REF_NAME variable. We do not define this variable when fetching prefill variables.

Possible fixes

We can persist the CI_COMMIT_REF_NAME variable when fetching prefill variables.

Workaround

Instead of using CI_COMMIT_REF_NAME, we can use CI_COMMIT_SHA to solve the problem. Besides, we need to add an if condition to the include:

include:
  - project: '$CI_PROJECT_PATH'
    file: '$CI_CONFIG_PATH'
    ref: '$CI_COMMIT_SHA'
    rules:
      - if: $CI_PROJECT_PATH != "my-group/project-1" # this is the project that hosts the configuration to avoid circular includes
Edited by Furkan Ayhan
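
The following check is an added example, not part of the original issue and not GitLab code. It lints a compliance pipeline config for the two conditions described above: a self-include whose ref depends on CI_COMMIT_REF_NAME, and a self-include without a rule excluding the project that hosts the config. The function name, constants and finding messages are hypothetical; the two sample configs are the ones shown on this page.

```ruby
require "yaml"

# Sample inputs taken from this page: the reproduction config and the workaround.
ORIGINAL_CONFIG = <<~'YAML'
  include:
    project: '$CI_PROJECT_PATH'
    file: '$CI_CONFIG_PATH'
    ref: '$CI_COMMIT_REF_NAME'
YAML

WORKAROUND_CONFIG = <<~'YAML'
  include:
    - project: '$CI_PROJECT_PATH'
      file: '$CI_CONFIG_PATH'
      ref: '$CI_COMMIT_SHA'
      rules:
        - if: $CI_PROJECT_PATH != "my-group/project-1"
YAML

# Hypothetical helper: returns a list of findings for includes that pull in
# the individual project's own configuration via $CI_PROJECT_PATH.
# host_project is the project that stores the compliance config.
def audit_compliance_includes(yaml_text, host_project)
  includes = (YAML.safe_load(yaml_text) || {})["include"]
  includes = [includes] if includes.is_a?(Hash) # single-map form of include
  findings = []

  Array(includes).each_with_index do |inc, i|
    next unless inc.is_a?(Hash) && inc["project"].to_s.include?("CI_PROJECT_PATH")

    # Per the issue, this variable is not defined when prefill variables are fetched.
    if inc["ref"].to_s.include?("CI_COMMIT_REF_NAME")
      findings << "include[#{i}]: ref uses CI_COMMIT_REF_NAME, prefill variables will not show"
    end

    # The workaround also needs a rule that skips the include for the host project.
    guarded = Array(inc["rules"]).any? do |rule|
      cond = rule.is_a?(Hash) ? rule["if"].to_s : ""
      cond.include?("$CI_PROJECT_PATH") && cond.include?("!=") && cond.include?(host_project)
    end
    findings << "include[#{i}]: no rule excluding #{host_project} (circular include)" unless guarded
  end
  findings
end

if __FILE__ == $0
  puts audit_compliance_includes(ORIGINAL_CONFIG, "my-group/project-1")
  puts audit_compliance_includes(WORKAROUND_CONFIG, "my-group/project-1").empty?
end
```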