Logical AND operation of rules

GitLab CI/CD
1

Problem to solve

Describe your question in as much detail as possible:
We want to trigger specific jobs with specific trigger tokens.

  • What are you seeing, and how does that differ from what you expect to see?
    The trigger tokens are activated but the CI/CD rules do not act on the trigger tokens.
    What’s the correct syntax (operator precedence, brackets, etc.)?

Thanx for any hint! :slight_smile:

Steps to reproduce

rules:
    - if: $CI_PIPELINE_SOURCE == "trigger" && $CI_TRIGGER_SHORT_TOKEN == '83eb'
      when: always
    - if: $CI_COMMIT_BRANCH == 'main'
      when: manual

Versions

Please select whether options apply, and add the version information.

  • Self-managed
  • GitLab.com SaaS
  • Self-hosted Runners

Versions

  • GitLab: GitLab Community Edition v17.0.1
2

Not sure but I think CI_TRIGGER_SHORT_TOKEN is not defined at the point where you’re using it so the first if always evaluates to false. The documentation on pre-defined variables lists it as defined for jobs only. The CI_PIPELINE_SOURCE variable on the other hand is defined for the pipeline as a whole.

Any particular reason you need check on CI_TRIGGER_SHORT_TOKEN?

3

@paddy-hack Thanx for the answer! :smiley:
We want to have one token per job to be able to start individual jobs independently (e.g. pulling a docker image and restarting the container without restarting the complete stack).
CI_TRIGGER_SHORT_TOKEN was the only ID I could find to identify which token was called.

4

:thinking:

In a pipeline “cascade” of my own, I am using curl to selectively trigger child pipelines depending on which versions need updating. All curl triggers use the same trigger token but pass an additional variable, two actually, to control which jobs will be included.

The curl invocation looks like

     - curl --request POST --fail --silent --show-error
           --form "token=$UPGRADE_TRIGGER_TOKEN"
           --form "ref=$CI_COMMIT_BRANCH"
           --form "variables[CODENAME]=$CODENAME"
           --form "variables[ACTION]=$ACTION"
           "$CI_API_V4_URL/projects/$CI_PROJECT_ID/trigger/pipeline"

so that jobs in the triggered pipeline jobs can evaluate the CODENAME and ACTION variables in their rules to make a decision on whether the job should be included. For example, something like

  rules:
    - if: $CI_PIPELINE_TRIGGERED && $CODENAME == "foobar" && $ACTION == "just-do-it"
    - if: $CI_PIPELINE_TRIGGERED && $ACTION == "never-mind"
      when: never

Maybe that might be an approach to achieve your goal.