Pipeline is getting triggered on branch which are not mentioned under “only”
I have a CI config file (like mentioned below), in that file I have only mentioned to run the pipeline on specific branch i.e., main
, development
and test
. It is working as expected for all the users who has access to the repo with developer role; but only for specific user if they are pushing their code on any branch a failed pipeline is being generated. This uses also has the same developer role as others
- I am using GitLab.com and the version is as below*
- GitLab: 14.4.0-pre
- Runner: 14.3.0-rc1
Here are few screenshot for the same
.gitlab-ci.yml
stages:
- buildimg
- gkedeploy
variables:
_GCR_HOSTNAME: us.gcr.io
_IMAGE_TAG: $_GCR_HOSTNAME/$PROJECT_ID/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
_K8S_NAMESPACE: my-app
Build Docker Image:
image: docker:stable
stage: buildimg
when: manual
environment: $CI_COMMIT_REF_NAME
only:
- development
- test
- main
services:
- docker:dind
before_script:
- docker --version
- echo $_IMAGE_TAG
- echo $GCR_MANAGER_KEY | docker login -u _json_key --password-stdin https://$_GCR_HOSTNAME
script:
# Build and tag image for GCR
- docker build -t $_IMAGE_TAG .
# Push image to GCR
- docker push $_IMAGE_TAG
after_script:
- docker logout
.prepare_step: &prepare_step
- echo $_IMAGE_TAG
# Replacing the Namespace token with correct value
- sed -i "s#__K8S_NAMESPACE__#$_K8S_NAMESPACE#" ./k8s/namespace.yml
Deploy in Google Kubernetes Engine:
image: google/cloud-sdk
stage: gkedeploy
when: manual
environment: $CI_COMMIT_REF_NAME
only:
- development
- test
- main
before_script:
- *prepare_step
script:
- echo $SERVICE_ACCOUNT > /tmp/$CI_PIPELINE_ID.json
- gcloud auth activate-service-account --key-file /tmp/$CI_PIPELINE_ID.json
- gcloud config set project $PROJECT_ID
- gcloud config set compute/zone $COMPUTE_ZONE
- gcloud container clusters get-credentials $GKE_CLUSTER
- kubectl apply -f ./k8s/namespace.yml
after_script:
- rm /tmp/$CI_PIPELINE_ID.json
It will be helpful for me if someone point out how to prevent it.