commit 887a1ce

gitlab-ci: Only run the image jobs if we have credentials

author	Alberto Bertogli <albertito@blitiri.com.ar> 2020-11-22 12:22:01 UTC
committer	Alberto Bertogli <albertito@blitiri.com.ar> 2020-11-22 12:46:58 UTC
parent	aa9455c418f7a30575944618e02b8c71cebfb5c4

gitlab-ci: Only run the image jobs if we have credentials

The image jobs should only run if there are valid credentials for
pushing the images to the respective registries, to avoid false
negatives in the test pipeline.

This can happen when the gitlab CI is run on projects that aren't set up
to push docker images, either because they're clones of the official
repo, or they are under a different gitlab instance (e.g. Debian's
salsa).

We do it by using a "rules:if" clause on specific variables:
- for Docker, $DOCKER_REGISTRY_USER which is set externally
- for GitLab, $CI_REGISTRY_IMAGE which has the address of the registry
  tied to the project.

Note that for GitLab we can't use the credentials for conditional
execution directly, since they are "persisted variables" which are not
available in this context (see [1] for more details). The
$CI_REGISTRY_IMAGE should be good enough to determine whether image
registry is enabled for the repo.

[1]: https://docs.gitlab.com/ee/ci/variables/where_variables_can_be_used.html#persisted-variables

.gitlab-ci.yml

-0

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5f8f88e..e9aa0ff 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -68,6 +68,8 @@ integration_latest:
 # Build docker image, upload to gitlab registry.
 gitlab:
   stage: image
+  rules:
+    - if: '$CI_REGISTRY_IMAGE'
   image: docker:stable
   services:
     - docker:dind
@@ -80,6 +82,8 @@ gitlab:
 # Build docker image, upload to dockerhub registry.
 dockerhub:
   stage: image
+  rules:
+    - if: '$DOCKER_REGISTRY_USER'
   image: docker:stable
   services:
     - docker:dind