Non-blocking pipeline with a manual job and a subsequent job that only runs if the manual job succeeded

I want a pipeline that is not blocking (if I don’t run the manual job, it should just show the status so far).
I also have a subsequent job that should only run if the manual job was a success.

# Hidden key (leading dot) holding reusable rule lists. Jobs pull a list in
# with `!reference [.rules, <name>]`.
.rules:
  # Default-branch pipelines that were not started by a schedule.
  default_branch:
  - if: ($CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "schedule")
  # Merge request pipelines.
  merge_request:
  - if: ($CI_PIPELINE_SOURCE == "merge_request_event")
  # Same condition as default_branch, but the job must be started by hand.
  # NOTE(review): no job in the visible part of this snippet references this
  # list; `push` uses `default` plus a job-level `when: manual` instead.
  manual:
  - if: ($CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "schedule")
    when: manual
  # Union of default_branch and merge_request. Any job using this list is
  # therefore also added to merge request pipelines, not only to the
  # default branch.
  default:
  - !reference [.rules, default_branch]
  - !reference [.rules, merge_request]

# run tests and build
# ....

# Publishes the image built earlier in the pipeline to ECR. Started by hand.
push:
  extends: .docker
  stage: push
  script:
  # Re-tag the pipeline-local image under its registry name.
  - docker tag "$EPHEMERAL_IMAGE" "$ECR_IMAGE"
  # The ECR password is piped via --password-stdin, so it does not appear in
  # the docker command line.
  # NOTE(review): the AWS credentials come from the job environment,
  # presumably CI/CD variables; confirm they are protected/masked.
  - nix-shell --run 'aws ecr get-login-password --region "$AWS_DEFAULT_REGION" | docker login --username AWS --password-stdin "$ECR"'
  - docker push "$ECR_IMAGE"
  # NOTE(review): `default` includes the merge_request rule, so this publish
  # job is also offered in merge request pipelines. If images should only be
  # published from the default branch, `[.rules, default_branch]` looks like
  # the intended list; confirm.
  rules: [!reference [.rules, default]]
  # Job-level `when: manual`. Per the GitLab docs, a manual job declared this
  # way defaults to allow_failure: true: the pipeline does not block on it,
  # but its outcome also does not hold back later jobs. How a job-level
  # `when` combines with `rules` has varied between GitLab versions; confirm
  # for the version in use.
  when: manual

# Template for deploy jobs: starts a pipeline in the config-mgmt project.
.deploy:
  variables:
    # ${ENV} is expected to be supplied by the job that extends this template.
    TRIGGER_JOB: "example.${ENV}.peter.co"
    # Revision to deploy: the commit this pipeline ran for.
    REV: "$CI_COMMIT_SHA"
  # NOTE(review): variables on a trigger job are passed to the downstream
  # pipeline, so TRIGGER_JOB and REV act as inputs to the deployment.
  # Whoever can start this job chooses what gets deployed; confirm who may
  # run it (for example through a protected environment).
  trigger:
    project: peter/infra/config-mgmt
    # With `depend`, this job waits for the downstream pipeline and takes
    # its status.
    strategy: depend

# Deploys the current commit to the dev environment via the .deploy template.
deploy-dev:
  extends: .deploy
  stage: deploy-dev
  # Orders this job after `push`.
  # NOTE(review): the author reports that this job runs even when `push`
  # failed. Because `push` is an allowed-to-fail manual job, `needs` alone
  # does not gate on its success, so a deploy can be triggered for a REV
  # whose image was never pushed.
  needs: ["push"]
  variables:
    ENV: "dev"
  # NOTE(review): `default` also matches merge request pipelines, so this
  # deployment trigger is created there too; confirm that is intended.
  rules: [!reference [.rules, default]]

# run post deployment tests
# ...

Currently, deploy will run even if push failed!
If I add `allow_failure: false`, then the pipeline is blocking.

This one will run the subsequent job even if the manual job fails:

# Stage order for the minimal reproduction: test, then push, then
# deploy-dev, then verify-dev.
stages:
- test
- push
- deploy-dev
- verify-dev

# Hidden key holding reusable rule lists, pulled into jobs with !reference.
.rules:
  # Default-branch pipelines that were not started by a schedule.
  default_branch:
  - if: ($CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "schedule")
  # Merge request pipelines.
  merge_request:
  - if: ($CI_PIPELINE_SOURCE == "merge_request_event")
  # Manual start on the default branch (non-scheduled) or in merge request
  # pipelines.
  manual:
  - if: ($CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "schedule") || $CI_PIPELINE_SOURCE == "merge_request_event"
    when: manual
    # Keeps the pipeline from blocking on the manual job. It also means a
    # failure of that job is tolerated, which matches the author's report
    # that the following job still runs after the manual job fails.
    allow_failure: true
  # Union of default_branch and merge_request, without a manual gate.
  default:
  - !reference [.rules, default_branch]
  - !reference [.rules, merge_request]

# Shared job defaults: runner tag, default stage and the non-manual rule
# list. Jobs that extend this can override individual keys.
.common:
  tags: ["nix"]
  stage: "test"
  rules: [!reference [.rules, default]]

# Placeholder test job. It keeps the stage and rules inherited from .common.
test:
  extends: .common
  script:
  - echo "test"

# Stand-in for the real publish job. It always fails so the behaviour of the
# jobs after it can be observed.
push:
  extends: .common
  stage: push
  script:
  - echo "push"
  # Forces a failure to reproduce the problem.
  - exit 1
  # Replaces the rules inherited from .common with the manual,
  # allow_failure: true rule.
  rules: [!reference [.rules, manual]]

# Stand-in for the deployment. It keeps the non-manual `default` rules from
# .common.
deploy-dev:
  extends: .common
  stage: deploy-dev
  # Orders this job after `push`.
  # NOTE(review): per the author's report, this job still runs after `push`
  # fails, because the failure is allowed (allow_failure: true on the manual
  # rule). `needs` on its own is therefore not a success gate here.
  needs: ["push"]
  script:
  - echo "deploy-dev"

# Stand-in for post-deployment checks. It is ordered after deploy-dev and
# keeps the rules inherited from .common.
verify-dev:
  extends: .common
  stage: verify-dev
  needs: ["deploy-dev"]
  script:
  - echo "verify-dev"