I’m working on some labs from the Gitlab Partner Bootcamp. I’m creating a .gitlab-ci.yml file, and started with the Auto-Devops template. I added a “scan” stage. When I make commits, the entire pipeline runs just fine, no issues. But when I create a MR, the pipeline fails instantly. Instead of having many stages and jobs, it only shows my “scan:security-scans” stage/job, and it failed with the message security-scans - failed - (downstream pipeline can not be created, No stages / jobs for this pipeline.). I’ve been working on this all afternoon and can’t figure it out. Any pointers?
Edit with more info: my repo includes dockerfile, index.js, and package.json files. So I believe it should be running, as at least those rules match. The variables in the if block have not been explicitly defined. Removing the workflow block, allows everything to run normally. At this point I just want to understand what’s going on, as the behavior is the exact opposite of what I expected.
image: alpine:latest
variables:
# KUBE_INGRESS_BASE_DOMAIN is the application deployment domain and should be set as a variable at the group or project level.
# KUBE_INGRESS_BASE_DOMAIN: domain.example.com
POSTGRES_USER: user
POSTGRES_PASSWORD: testing-password
POSTGRES_ENABLED: "true"
POSTGRES_DB: $CI_ENVIRONMENT_SLUG
DOCKER_DRIVER: overlay2
ROLLOUT_RESOURCE_TYPE: deployment
DOCKER_TLS_CERTDIR: "" # https://gitlab.com/gitlab-org/gitlab-runner/issues/4501
stages:
- build
- test
- scan
- deploy # dummy stage to follow the template guidelines
- review
- dast
- staging
- canary
- production
- incremental rollout 10%
- incremental rollout 25%
- incremental rollout 50%
- incremental rollout 100%
- performance
- cleanup
security-scans:
stage: scan
trigger:
include:
- template: Security/License-Scanning.gitlab-ci.yml
- template: Security/Container-Scanning.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
cache:
paths:
- node_modules
workflow:
rules:
- if: '$BUILDPACK_URL || $AUTO_DEVOPS_EXPLICITLY_ENABLED == "1" || $DOCKERFILE_PATH'
- exists:
- Dockerfile
# https://github.com/heroku/heroku-buildpack-clojure
- exists:
- project.clj
# https://github.com/heroku/heroku-buildpack-go
- exists:
- go.mod
- Gopkg.mod
- Godeps/Godeps.json
- vendor/vendor.json
- glide.yaml
- src/**/*.go
# https://github.com/heroku/heroku-buildpack-gradle
- exists:
- gradlew
- build.gradle
- settings.gradle
# https://github.com/heroku/heroku-buildpack-java
- exists:
- pom.xml
- pom.atom
- pom.clj
- pom.groovy
- pom.rb
- pom.scala
- pom.yaml
- pom.yml
# https://github.com/heroku/heroku-buildpack-multi
- exists:
- .buildpacks
# https://github.com/heroku/heroku-buildpack-nodejs
- exists:
- package.json
# https://github.com/heroku/heroku-buildpack-php
- exists:
- composer.json
- index.php
# https://github.com/heroku/heroku-buildpack-play
# TODO: detect script excludes some scala files
- exists:
- '**/conf/application.conf'
# https://github.com/heroku/heroku-buildpack-python
# TODO: detect script checks that all of these exist, not any
- exists:
- requirements.txt
- setup.py
- Pipfile
# https://github.com/heroku/heroku-buildpack-ruby
- exists:
- Gemfile
# https://github.com/heroku/heroku-buildpack-scala
- exists:
- '*.sbt'
- project/*.scala
- .sbt/*.scala
- project/build.properties
# https://github.com/dokku/buildpack-nginx
- exists:
- .static
# NOTE: These links point to the latest templates for development in GitLab canonical project,
# therefore the actual templates that were included for Auto DevOps pipelines
# could be different from the contents in the links.
# To view the actual templates, please replace `master` to the specific GitLab version when
# the Auto DevOps pipeline started running e.g. `v13.0.2-ee`.
include:
- template: Jobs/Build.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml
- template: Jobs/Test.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Test.gitlab-ci.yml
- template: Jobs/Code-Quality.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
- template: Jobs/Code-Intelligence.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Code-Intelligence.gitlab-ci.yml
- template: Jobs/Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
- template: Jobs/Deploy/ECS.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy/ECS.gitlab-ci.yml
- template: Jobs/Deploy/EC2.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy/EC2.gitlab-ci.yml
- template: Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml
- template: Jobs/Browser-Performance-Testing.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml
- template: Security/DAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
#- template: Security/Container-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
#- template: Security/Dependency-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
#- template: Security/License-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml