Problem to solve
I’m developing a reusable GitLab CI/CD component that, depending on configuration/state, may or may not produce certain report artifacts like a SAST report. I currently have something like the following in my CI/CD component job configuration:
artifacts:
report:
sast: my-sast-report.json
If my-sast-report.json wasn’t generated by the job, this will cause the following to appear in the pipeline log:
WARNING: my-sast-report.json: no matching files. Ensure that the artifact path is relative to the working directory (/builds/...)
ERROR: No files to upload
Although the job will not fail due to this warning/error, just having these messages appear in the pipeline log will confuse users of our CI/CD component.
Is there any way to avoid these messages from appearing in the pipeline log? There doesn’t seem to be any easy way to mark the artifacts/reports as being optional.
Potential work-arounds
I’ve tried having the main job archive untracked files matching a specific pattern as regular job artifacts, and declaring another job like the following:
publish-sast:
stage: .post
needs:
- main-job
rules:
- exists: my-sast-report.json
script: echo "Publishing SAST results"
artifacts:
reports:
sast: my-sast-report.json
However, this doesn’t work due to rules:exists only taking repository files into consideration, not files stored as artifacts. I’ve also tried setting an environment variable from the main job through artifacts:reports:dotenv and using this environment variable in a publish-sast rule, but that also doesn’t seem to work (publish-sast job is never being run).
Any other ideas/suggestions?