Trigger pipeline ONLY when MR is Approved

GitLab CI/CD
1

Hello,

Im trying to make my job to trigger ONLY if the Merge Request if approved and merged into main branch? and what I have currently is not working…

  rules:
    - if: $CI_MERGE_REQUEST_APPROVED == true
      changes:
          paths:
            - $TRACK_DIR/$TRACK_NAME/*/*
      when: always
2

Hi @sunnyruziev

You need to add `$CI_PIPELINE_SOURCE == “merge_request_event” to the condition so the job runs in Merge request pipeline.

Rule should look like this:

rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_APPROVED == true
      changes:
          paths:
            - $TRACK_DIR/$TRACK_NAME/*/*
      when: always
3

This solution does not work

4

There are two situations:

  1. Run job only if MR is approved
  2. Run job only if commit comes from MR

For the 1. you can use the rule above.
For the 2. you can use CI_COMMIT_MESSAGE =~ /^Merged .../ which is usually in format Merged branch into ... (see in your commits) and $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

5

Actually, it doesn’t work. Can you show me work case in real life?

6

The issue/confusion is that gitlab does not trigger a CI pipeline when details of a merge request are updated.
So even though the CI is configured with '$CI_PIPELINE_SOURCE == "merge_request_event"' no CI pipeline will be triggered if the title, description, labels, approval status, etc. of the merge request changes.
The only time when the $CI_PIPELINE_SOURCE is merge_request_event is if there are commits pushed to the source branch in the merge request.

It is possible to use the $CI_MERGE_REQUEST_APPROVED in the ci rules, although it is not that useful as the following conditions have to be met:

  1. Your merge request has to be approved.
  2. Your ci job or workflow rules have to enable merge request events. (- if: $CI_PIPELINE_SOURCE == "merge_request_event")
  3. You have to push a new commit to the source branch.
  4. You have to make sure that the merge request approvals are kept when new commits are added in the repo settings (Settings > Merge requests > When a commit is added: Keep approvals).
    Otherwise the approval status will get reset each time a new commit is added and you will never catch the $CI_MERGE_REQUEST_APPROVED variable.

With that being said, it is actually possible to run a pipeline immediately after a merge request gets approved.
Gitlab can fire a webhook when a merge request is approved or updated and it is possible to use that webhook to start a ci job with a pipeline trigger token.

  • First you have to create a pipeline trigger token. (Settings > CI/CD > Pipeline trigger tokens)
  • Then you need to create the webhook. (Settings > Webhooks).
    • Set the URL to your pipeline trigger token, without the ref part.
    • Configure the webhook trigger to be Merge request events (not to be confused with merge_request_event in the CI_PIPELINE_SOURCE :speak_no_evil: )
    • Configure a custom webhook template to pass details of the webhook events as CI variables.
    {
  "variables": {
    "event_type":"{{event_type}}",
    "merge_request_id":"{{object_attributes.id}}",
    "merge_request_iid":"{{object_attributes.iid}}",
    "action":"{{object_attributes.action}}",
    "detailed_merge_status":"{{object_attributes.detailed_merge_status}}"
  },
  "ref":"{{object_attributes.source_branch}}"
}
  • Now you can add rules to your CI job such as:
    rules:
  - if: '$CI_PIPELINE_SOURCE == "trigger" && $event_type = "merge_request" && $action == "approved" && $merge_request_id == $CI_MERGE_REQUEST_ID'
1 Like
7

this solution is good, but it does not look like working for me, because $CI_MERGE_REQUEST_ID will not be available during Trigger Token builds.

9

Hi. The same problem. Did you get anything?