Rules: Pipeline executed for other branch than it supposed to

aktur · August 10, 2020, 10:37am

Hello,

I am trying to trigger CI/CD only for master branch. It used to work for only: tag but I have to use rules:
syntax now. I have this rule:

lint-swarm-Dockerfile:
  stage: build
  script:
    - echo "I'm in the branch $CI_COMMIT_BRANCH $CI_COMMIT_MESSAGE"
    - docker pull hadolint/hadolint
    - docker run --rm -i hadolint/hadolint < ./manager/swarm.Dockerfile
  after_script:
    - env
  rules:
    - if: $CI_COMMIT_BRANCH == "master"
      if: $CI_COMMIT_MESSAGE !~ /skip-build/

and it should be triggered only in branch master. However, this is what I sometimes see in the log:

...
Executing "step_script" stage of the job script
00:04
$ echo "I'm in the branch $CI_COMMIT_BRANCH $CI_COMMIT_MESSAGE"
I'm in the branch dependabot/npm_and_yarn/prismjs-1.21.0 Bump prismjs from 1.20.0 to 1.21.0
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.20.0 to 1.21.0.

What was wrong here? Why this is triggered?

I’m running gitlab.com.

Kind regards,
Michal

rpadovani · August 10, 2020, 10:57am

Hi Michal,
the if rules are evaluated with an or condition: as soon as one matches, the job is executed.

From the documentation

Rules are evaluated in order until the first match. When matched, the job is either included or excluded from the pipeline, depending on the configuration.

What you want to do is exclude the job when the branch is the master:

rules:
    - if: $CI_COMMIT_BRANCH != "master"
      when: never
    - if: $CI_COMMIT_MESSAGE !~ /skip-build/