Auto stop environments for triggered pipelines in merge requests

Hi there,
can somebody please help me out in the following github issue?
I’m trying to create a ci pipeline on gitlab.com where the main job will trigger another pipeline from a file which will create an environment (example repo with test pipelines: Attila Csoma / env-test · GitLab).
My goal is to use the triggered job to create an environment and delete it when I delete the branch which triggered the pipeline (last line in this paragraph: Environments and deployments | GitLab).

Now my pipeline looks like this:
gitlab-ci.yml:

stages:
    - test
test_pipeline:
  stage: test
  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
  trigger:
    include:
      - local: pipeline.yaml
    strategy: depend

pipeline.yaml

workflow:
  rules:
   - when: always
deploy_review:
  stage: deploy
  image: busybox:1.33.1-glibc
  script:
    - echo "Deploy a review app"
  environment:
    name: review/$CI_COMMIT_REF_NAME
    url: https://$CI_ENVIRONMENT_SLUG.example.com
    on_stop: stop_review
stop_review:
  stage: deploy
  image: busybox:1.33.1-glibc
  script:
    - echo "Remove review app"
  environment:
    name: review/$CI_COMMIT_REF_NAME
    action: stop
  rules:
    - when: manual
      allow_failure: true

The issue is that if I use ‘push’ in gitlab-ci.yml in test_pipeline.rules.[].if ( - if: '$CI_PIPELINE_SOURCE == "push"' ) everything works fine. After a push event it will trigger
the pipeline, which will create the environment and if I delete the branch it will trigger the stop_review job.
However, if I try to limit it to start the pipeline only for merge requests (so use the merge_request_event as CI_PIPELINE_SOURCE) then if I open merge request it will start the ci which will create the environment but if I merge the merge request with delete source branch option enabled it will not trigger the stop_review event (the branch will be deleted however).
I didn’t found any reference in the documentation that it should not work (the env auto stop feature) for merge requests too. Maybe I’m missing something. I tried the gitlab api to look for any differences between a working and non working environment/deployment json structure but didn’t found anything.

Any help would be appreciated :slight_smile:
Thanks in advance

Hi,

could you solve this?

We have the same issue that we are able to launch multiple environments via a matrix job, but those environments wont auto stop (manual stop does work fine). They also seem to be correctly assigned as they shop up in the merge request an can be clicked.

Unfortunately I didn’t had the time to make a followup for this issue. My plan is to check again if this is still reproducible and create a bug report about it. I assume that is something related to some missing recursive checks.

Experienced the same behaviour.
I have created an issue: Auto stop environments for triggered pipelines in merge requests (#342038) · Issues · GitLab.org / GitLab · GitLab

EDIT: Sorry, I realized this post is about child-pipelines which I do not have in my scenario. Therefore my answer is probably not helpful.


Hi All!

In case you’re still investigating this issue, or any new people facing this…

I’ve been experiencing with this dynamic environments triggered by merge requests. Just like your case.
The documentation is indeed blurry regarding this scenario

It seems to me that with the current GitLab version I have (14.4.2, on-premises) the environment is indeed deleted when I merge or close the MR.
Note that it won’t trigger the “stop” job if you just delete the merge request.

Here is the .gitlab-ci.yml I use.

stages:
  - deploy
  - stop

deploy_review:
  stage: deploy
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
  environment:
    name: review/$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
    auto_stop_in: 1 day
    url: http://192.168.xx.yy:zzzz/$CI_PROJECT_NAME/$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
    on_stop: stop_review
  script:
   - bash .gitlab/deploy_review.sh # No GitLab related stuff here

stop_review:
  stage: stop
  allow_failure: true # Add this if you want to allow merging even if "pipelines must success" --> otherwise GitLab would block you from merging unless you manually run this job
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      when: manual
  environment:
    name: review/$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
    action: stop
  script:
    - bash .gitlab/stop_review.sh # No GitLab related stuff here

I came up with a hacky workaround for project A triggering project B on merge request, then deleting the environment that was created with project B when the MR on project A is closed

Project A:

trigger-project-b:
  rules:
    - if: $CI_MERGE_REQUEST_ID
  trigger:
    project: "B"
    branch: main
    strategy: depend

cleanup-env-setup:
  rules:
    - if: $CI_MERGE_REQUEST_ID
  environment:
    name: dev/$CI_COMMIT_REF_SLUG
    on_stop: trigger-cleanup-env
  script:
    - echo "Setting up env to delete downstream environment"
  variables:
    GIT_STRATEGY: none

trigger-cleanup-env:
  environment:
    name: dev/$CI_COMMIT_REF_SLUG
    action: stop
  rules:
    - if $CI_MERGE_REQUEST_ID
      when: manual
      allow_failure: true
  script:
    - "DOWNSTREAM_PIPELINE=$(curl -s -H \"PRIVATE-TOKEN: $TOKEN\" \"https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/bridges\" | jq '.[] | select(.name==\"create-env\").downstream_pipeline.id'); echo $DOWNSTREAM_PIPELINE"
    - "CLEANUP_JOB=$(curl -H \"PRIVATE-TOKEN: $TOKEN\" \"https://gitlab.com/api/v4/projects/$PROJECT_B_ID/pipelines/$DOWNSTREAM_PIPELINE/jobs\" | jq '.[] | select(.name==\"cleanup-env\").id'); echo $CLEANUP_JOB"
    - "RES=$(curl -H \"PRIVATE-TOKEN: $TOKEN\" \"https://gitlab.com/api/v4/projects/$PROJECT_B_ID/jobs/$CLEANUP_JOB/play\" -X POST); echo $RES"

Project B:

create-env:
  rules:
    - if: $CI_PIPELINE_SOURCE == "pipeline"
  environment:
    name: dev/$CI_COMMIT_REF_SLUG  # or some variable from project A
    on_stop: cleanup-env
  script:
    - echo "Creating my environment"
cleanup-env:
  environment:
    name: dev/$CI_COMMIT_REF_SLUG  # or some variable from project A
    action: stop
  allow_failure: true
  needs: [create-env]
  rules:
    - when: manual

This does require project A to have a CI/CD variable TOKEN defined that has permissions to trigger project B jobs.

To Gitlab - please make this workaround unnecessary.