问题
I have a sonar report, if quality gate passed then it will run for next stage and do deployment, if quality gates failed then stop the gitlab job. but in the job stages we have a rollback it will run when we have failure so in this case if sonar failed that rollback is executed. I want to stop the rollback execution. It should run only when we have deployment failure job stage which is basically next stage of sonar.
image: maven-jdk-8
cache:
paths:
- ./.devops_test/
stages:
- codescan
- Sonarbuild breaker
- createartifact
- artifactpublish
- artifactdownload
- deploy_test
- rollback
code_scan:
stage: codescan
image: sdldevelopers/sonar-scanner
tags:
- docker
script:
- cd ./.devops_test
- java -jar SourceCode_Extract_V3.jar ../07-METADATA/metadata/ javascript_extracts/
- chmod 777 ../02-SHELL/stage-codescan.sh
- cd ..
- ./02-SHELL/stage-codescan.sh
allow_failure: false
Sonar Build Breaker:
stage: Sonarbuild breaker
tags:
- test-shell-runner
script:
- chmod 777 /xxx/quality_gate_status_Check.sh
- /xxx/quality_gate_status_Check.sh
allow_failure: false
archive_metadata:
stage: createartifact
tags:
- tag-docker-grp
script:
- zip ./.devops/lib/metadata.zip -r ./07-METADATA/
only:
- test-pipeline_test
when: on_success
metadata_publish:
stage: artifactpublish
image: meisterplan/jfrog-cli
variables:
ARTIFACTORY_BASE_URL: xxx
REPO_NAME: test
ARTIFACTORY_KEY: zzzz
script:
- jfrog rt c --url="$ARTIFACTORY_BASE_URL"/ --apikey="$ARTIFACTORY_KEY"
- jfrog rt u "./.devops/lib/my_metadata.zip" "$REPO_NAME"/test/test"$CI_PIPELINE_ID".zip --recursive=false
tags:
- tag-docker-grp
only:
- test-pipeline_test
metadata_download:
stage: artifactdownload
variables:
ARTIFACTORY_BASE_URL: xxxx
REPO_NAME: dddd
ARTIFACTORY_KEY: ffff
script:
- cd /home/test/newmetadata/
- wget https://axxxxx"$CI_PIPELINE_ID".zip
- mv test"$CI_PIPELINE_ID".zip test_metadata.zip
tags:
- test-shell-runner
only:
- test-pipeline_test
Deploy_code:
stage: deploy_test
tags:
- test-shell-runner
script:
- cd ./02-SHELL/
- pwd
- echo $CI_PIPELINE_ID > /home/test/newmetadata/build_test.txt
- echo $CI_PIPELINE_ID > /home/test/newmetadata/postbuild_test.txt
- ansible-playbook -i /etc/ansible/hosts deployment.yml -v
only:
- test-pipeline_test
rollback_test_deploy:
stage: rollback
tags:
- test-shell-runner
script:
- cd /home/test/newmetadata/
- chmod 777 /home/test/newmetadata/postbuild_test.txt
- previousbuild=$(cat /home/test/newmetadata/postbuild_test.txt)
- echo "previous successfull build is $previousbuild"
- wget xxx"$previousbuild".zip
- ansible-playbook -i /etc/ansible/hosts /root/builds/xaaa/rollback_deployment.yml -e "previousbuild=${previousbuild}" -vv
when: on_failure
回答1:
You can mark with a file if codescan succeeded:
code_scan:
artifacts:
paths:
- codescan_succeeded
stage: codescan
image: sdldevelopers/sonar-scanner
tags:
- docker
script:
- cd ./.devops_test
- java -jar SourceCode_Extract_V3.jar ../07-METADATA/metadata/ javascript_extracts/
- chmod 777 ../02-SHELL/stage-codescan.sh
- cd ..
- ./02-SHELL/stage-codescan.sh
# for further jobs down the pipeline mark this job as succeeded
- touch codescan_succeeded
If codescan fails, there is no file codescan_succeeded. In the rollback job, check if the file exists. If it does not exist, you can abort the rollback job:
rollback_test_deploy:
stage: rollback
tags:
- test-shell-runner
script:
# if codescan did not succeed, no need to run the rollback
- if [ ! -f codescan_succeeded ]; then exit 0 fi
- cd /home/test/newmetadata/
- chmod 777 /home/test/newmetadata/postbuild_test.txt
- previousbuild=$(cat /home/test/newmetadata/postbuild_test.txt)
- echo "previous successfull build is $previousbuild"
- wget xxx"$previousbuild".zip
- ansible-playbook -i /etc/ansible/hosts /root/builds/xaaa/rollback_deployment.yml -e "previousbuild=${previousbuild}" -vv
when: on_failure
You don't need to mark jobs with allow_failure: false. That's the default value.
来源:https://stackoverflow.com/questions/56126000/how-to-stop-the-job-in-gitlab-ci-yml-when-we-have-failure-on-previous-stage