Hello everybody,
I’m facing an issue and I don’t find anything to fix it nor find another way to do it…
See, my colleagues and I have developed some CI templates, so inside of our “end projects”, our .gitlab-ci.yml
files look like
include:
- project: 'Path/To/Ci/Templates/Project'
ref: 'our-branch'
file: 'file1.yml'
- project: 'Path/To/Ci/Templates/Project'
ref: 'our-branch'
file: 'file2.yml'
variables:
VAR1: foo
VAR2: bar
stages:
- stage1
- stage2
- stage3
and that’s all.
In the included yaml files, we have some jobs with rules :
-
if: '$CI_COMMIT_TAG && $VAR4 == null'
, in order to create the jobs if the pipeline is generated by a tag. -
if: '$VAR3 != null && $VAR4 != null && $VAR5 != null'
, in order to create the jobs if the pipeline has these variables set.
One of the job ( with rule 1 ), generate automatically a changelog by analysing the differences between 2 tags.
The changelog is then pushed on the source branch of the tag ( if I set a tag on branch-1
, the pipeline is triggered and the changelog will be updated on the branch branch-1
)
In order to push the generated changelog, inside my job, I’ve cloned the end project by using a project access token ( that creates a bot, maintainer of the end project ) and the following code :
- git clone https://${ACCESS_USER}:${ACCESS_TOKEN}@${CI_SERVER_HOST}/${CI_PROJECT_PATH}.git end_project
[...]
- git config --global user.email "$GITLAB_USER_EMAIL"
- git config --global user.name "$GITLAB_USER_NAME"
- git add ${CHANGELOG_FILE_NAME}
- git commit -m "Update changelog for tag"
- git push origin HEAD
Everything works well here. The changelog is pushed by the project access token but my name appears in the commit blame, … But the problem is now.
**The push of the changelog, triggers a pipeline that automatically fails ! **
with the error :
Project `Path/To/Ci/Templates/Project` not found or access denied!
I assume, since the project access token is project related and do not have access to the Path/To/Ci/Templates/Project
it fails automatically.
I’ve searched for a way to not trigger the pipeline at all for this user but nothing has worked :’(
I’ve spotted the conditional includes topic but it’s not implemented yet.
I’ve also tried putting a workflow
but I think the include
key is the first one read…
Do you have any idea ?
Thank you very much !