Gitlab allows to trigger a pipeline from another one with the use of CI_JOB_TOKEN. I’d like to check the status of the downstream from the same job that triggered it but using a “JOB-TOKEN: $CI_JOB_TOKEN” header when calling the pertinent API method results in a 401 (Unauthorized). Is this possible without depending on Personal access tokens?
1 Like
My solution was to trigger the dependent pipeline with extra parameters:
"variables[CALLER_ID]=$CI_PIPELINE_ID/$CI_JOB_ID"
and persist artifacts in the called pipeline’s task based on this CALLER_ID:
pipeline task:
script:
- mkdir -p callers/$CALLER_ID
- touch callers/$CALLER_ID/🏁
cache:
paths:
- callers/
Then in the calling pipeline block until the artifact shows up:
echo "Waiting on $PIPELINE_ID artifacts..."
ARTIFACT_URL="$GITLAB_URL/api/v4/projects/$PIPELINE_ID/jobs/artifacts/master/download?job_token=$CI_JOB_TOKEN"
sleep 15
for I in `seq 1 3`; do
echo -n "."
curl -sL -o artifacts.zip $ARTIFACT_URL
unzip -l artifacts.zip | grep -q "$CI_PIPELINE_ID/$CI_JOB_ID/🏁" && break
sleep 15
done; echo
The presence of the artifact or lack of it at this point can help you chart further course.
CI_JOB_TOKEN doesn’t allow you to pick the artifact from pipeline/job/precisely, just the latest from the branch.
Did it the other way: No job event webhook firing for the trigger jobs (#326137) · Issues · GitLab.org / GitLab · GitLab