极狐gitlab 创建mr触发mr流水线问题

Summary

gitlab 版本:

  • 客户版本:gitlab-jh-15.9.7

  • 自测版本:gitlab-jh-16.2.3

流水线ci

workflow:
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    #- if: $CI_COMMIT_BRANCH
job1:
  script:
    - echo "This job runs in merge request pipelines"

背景描述:

  • 分别有dev分支和main分支,分别设置了保护分支,且只设置了allow merge,权限是maintainer image
  • 其他非保护分支会由开发者(权限也是developer权限)往dev(受保护分支)提mr

问题现象

  • 1 当以一个开发者权限的账号 发起由原分支dev分支到目标分支main分支的mr,是不会产生mr流水线的
  • 2 当以一个维护者权限的账号 发起由原分支dev分支到目标分支main分支的mr,是会产生mr流水线的

用户权限如下: image

dev(维护者权限)发起mr,可以看到merge request流水线,可以看到run pipeline按钮 image image

xixi (开发者权限)发起mr,看不到流水线 image

用户疑惑

从客户的视角来看的话,为什么开发者权限的账号去创建mr(两个受保护分支)的时候,可以创建但是却不运行merge request流水线。而以维护者权限的账号去创建mr(两个受保护分支)的时候,可以创建且运行merge request流水线。为什么开发者提源分支,目标分支都为保护分支的MR,MR流水线不跑呢?

客户认为这是一个bug,既然开发者创建的mr不能这么用,为什么不做限制呢?

Steps to reproduce

Example Project

What is the current bug behavior?

What is the expected correct behavior?

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info 
(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check 
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)


(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)


(we will only investigate if the tests are passing)

Possible fixes

王凯旋 编辑于