Few newbie's questions

Hello everyone!
I’ve couple of simple questions, since I’m beginner in GitLab CI/CD for now

  1. Does the pipeline execute for every commit or for every push for certain branch in codebase?
  2. Creating a separate .gitlab-ci.yml per branch could be a good practice? Is there another good approach and where can I find the best recipes for short, simple pipelines that contain regular git commands for example?
  3. Can I have “global” pipeline for all branches or pipelines itself are stictly tight to branches?
  4. Why I need to provide user password in case of gitlab runner executing over ssh if I’ve already set up pubkey authentication for that user from GitLab runner ?

Links and examples on how to organize jobs and pipeline(s) the right way for regular developer’s workflow are greatly appreciated :grinning:

  1. As a commit is a purely local thing (and mostly happens on machines that don’t run GitLab), GitLab can’t do anything for every commit.

  2. We typically just have one .gitlab-ci.yml per project, if there’s some job that only makes sense or only should run for a partcular branch, we add something like

    - if: '$CI_COMMIT_BRANCH == "main" && $CI_PROJECT_PATH == "<group>/<project>"'
      when: manual

to the definition of that job. But I guess the best solution depends heavily on your developement process.

  1. That seems to depend on how you answer question 2. I believe you can include files in .gitlab-ci.yml so I can see several ways of achieving what you talk about.

  2. I can’t figure out what you’re doing - and as such I can’t answer that. Try to be more specific.

1 Like

As for 4th question let me explain a bit more.
I’ve setup gitlab runner on a dev server with ssh executor.
I put public ssh key on server as well as private ssh key in CI/CI settings of the repository. Nevertheless I have to provide user’s password while setup process of GitLab runner.
I need to specify password of user under which runner would be executed.
Why so, if I have already setup ssh keypair? Could I use it for authentication or it has different purpose?


user = "myuser"
password = "some_complicated_password"

In other words,
why I need to specify user and password in config.toml if I already set up ssh key pair?

So, can we say that pipeline triggered on every push event by default?
I meant as for the first question from OP.

I’ve just tested that runner is authenticated by pubkey over SSH. So, what is the reason to save user’s credentials in config.toml ?

By default a pipeline is triggered by every push, yes.

I’ve never used the SSH executor, so I have no idea how that works, so I can’t offer any help with that part.

1 Like