Extend job rules with multiple !reference containing array of rules

Multiple rule extensions with !reference which points to an array of rules

I am trying to create monorepo deployment based on templated jobs, each job in the template already has its own set of rules, which I want to reuse and add a few additional ones inside the job, but it fails every time.

Consider having the following .gitlab-ci-template.yml file which looks something like this

.job:
  stage: some_stage
  script:
    - ./some_nasty_script.sh
  rules:
    - if: $something
      when: always
    - if: $something_else
      when: never

And another .gitlab-ci.yml which will be used to orchestrate the pipeline for your project

job1:
  extends: .job
  rules:
    - !reference [.job, rules]

If I have only 1 reference property inside rules, everything will work fine (side note: when I’ve checked the merged file from GitLab editor, I have noticed that it just spread the included rules without flatting them out so they looked like the following snippet)

job1:
  extends: .job
  rules:
    - - if: $something
       when: always
      - if: $something_else
       when: never

But when I have multiple jobs in my project, where some are being built, test, deploy, etc. If I have an additional set of rules which should be shared among them (but can’t be nested inside the template from 1st snippet because they are exclusive for that project) and i try to include them with an additional reference like in the following snippet, it doesn’t function. Or should I better say, it only evaluates the 1st !reference, 2nd one gets ignored

.default_rules:
  rules:
    - changes:
       - apps/specific-app/*
    - if: $FORCE_DEPLOY
      when: always


job1:
  extends: .job
  rules: 
    - !reference [.job, rules]
    - !reference [.default_rules, rules]

Then the merged yml will look something like this:

job1:
  extends: .job
  rules:
    - - if: $something
        when: always
      - if: $something_else
        when: never
    - - changes:
        - apps/specific-app/*
      - if: $FORCE_DEPLOY
        when: always

I am using our self-managed GitLab 14.10.3-ee

Before posting here I was checking GitLab’s documentation on rules, along with a few issues and PRs in hope that it would help me with my issue, but so far nothing helps.

If anyone has additional ideas for bypassing this limitation at the moment, do tell :smile:
Maybe I am doing something so obviously wrong, but I haven’t managed to pinpoint it yet. Unless this actually is a bug/potential feature.

There is always the final option to just write all the rules manually, but that really bums me out, since later maintenance would require much more manual labor.