当我们在上一个阶段失败时，如何在gitlab-ci.yml中停止工作 [英] How to stop the job in gitlab-ci.yml when we have failure on previous stage

问题描述

我有一个声纳报告，如果质量门通过，它将运行到下一阶段并进行部署，如果质量门失败，则停止gitlab作业.但是在工作阶段，我们会进行回滚，如果发生故障，它将回滚，因此在这种情况下，如果声纳失败，则会执行回滚.我想停止回滚执行.它应该仅在我们具有部署失败工作阶段(基本上是声纳的下一个阶段)时运行.

I have a sonar report, if quality gate passed then it will run for next stage and do deployment, if quality gates failed then stop the gitlab job. but in the job stages we have a rollback it will run when we have failure so in this case if sonar failed that rollback is executed. I want to stop the rollback execution. It should run only when we have deployment failure job stage which is basically next stage of sonar.

image: maven-jdk-8
cache:
  paths:
    - ./.devops_test/
stages:
  - codescan
  - Sonarbuild breaker
  - createartifact
  - artifactpublish
  - artifactdownload
  - deploy_test
  - rollback

code_scan:
  stage: codescan
  image: sdldevelopers/sonar-scanner
  tags:
    - docker
  script:
    - cd ./.devops_test
    - java -jar SourceCode_Extract_V3.jar ../07-METADATA/metadata/ javascript_extracts/
    - chmod 777 ../02-SHELL/stage-codescan.sh
    - cd ..
    - ./02-SHELL/stage-codescan.sh
  allow_failure: false


Sonar Build Breaker:
  stage: Sonarbuild breaker
  tags:
    - test-shell-runner
  script:
    - chmod 777 /xxx/quality_gate_status_Check.sh
    - /xxx/quality_gate_status_Check.sh
  allow_failure: false



archive_metadata:
     stage: createartifact
     tags:
       - tag-docker-grp
     script:
       - zip ./.devops/lib/metadata.zip -r ./07-METADATA/
     only:
      - test-pipeline_test
     when: on_success


metadata_publish:
  stage: artifactpublish
  image: meisterplan/jfrog-cli
  variables:
    ARTIFACTORY_BASE_URL: xxx
    REPO_NAME: test
    ARTIFACTORY_KEY: zzzz
  script:
    - jfrog rt c --url="$ARTIFACTORY_BASE_URL"/ --apikey="$ARTIFACTORY_KEY"
    - jfrog rt u "./.devops/lib/my_metadata.zip" "$REPO_NAME"/test/test"$CI_PIPELINE_ID".zip --recursive=false
  tags:
    - tag-docker-grp
  only:
    - test-pipeline_test

metadata_download:
     stage: artifactdownload
     variables:
      ARTIFACTORY_BASE_URL: xxxx
      REPO_NAME: dddd
      ARTIFACTORY_KEY: ffff
     script:
      - cd /home/test/newmetadata/
      - wget https://axxxxx"$CI_PIPELINE_ID".zip
      - mv test"$CI_PIPELINE_ID".zip test_metadata.zip
     tags:
      - test-shell-runner
     only:
      - test-pipeline_test

Deploy_code:
     stage: deploy_test
     tags:
      - test-shell-runner
     script:
      - cd ./02-SHELL/
      - pwd
      - echo $CI_PIPELINE_ID > /home/test/newmetadata/build_test.txt
      - echo $CI_PIPELINE_ID > /home/test/newmetadata/postbuild_test.txt
      - ansible-playbook -i /etc/ansible/hosts deployment.yml -v
     only:
      - test-pipeline_test

rollback_test_deploy:
     stage: rollback
     tags:
      - test-shell-runner
     script:
      - cd /home/test/newmetadata/
      - chmod 777 /home/test/newmetadata/postbuild_test.txt
      - previousbuild=$(cat /home/test/newmetadata/postbuild_test.txt)
      - echo "previous successfull build is $previousbuild"
      - wget xxx"$previousbuild".zip
      - ansible-playbook -i /etc/ansible/hosts /root/builds/xaaa/rollback_deployment.yml -e "previousbuild=${previousbuild}" -vv
     when: on_failure       

推荐答案

如果代码扫描成功，则可以用文件标记:

You can mark with a file if codescan succeeded:

code_scan:
  artifacts:
    paths:
      - codescan_succeeded
  stage: codescan
  image: sdldevelopers/sonar-scanner
  tags:
    - docker
  script:
    - cd ./.devops_test
    - java -jar SourceCode_Extract_V3.jar ../07-METADATA/metadata/ javascript_extracts/
    - chmod 777 ../02-SHELL/stage-codescan.sh
    - cd ..
    - ./02-SHELL/stage-codescan.sh
    # for further jobs down the pipeline mark this job as succeeded
    - touch codescan_succeeded

如果代码扫描失败，则没有文件codescan_succeeded.在回滚作业中，检查文件是否存在.如果不存在，则可以中止回滚作业:

If codescan fails, there is no file codescan_succeeded. In the rollback job, check if the file exists. If it does not exist, you can abort the rollback job:

rollback_test_deploy:
  stage: rollback
  tags:
   - test-shell-runner
  script:
    # if codescan did not succeed, no need to run the rollback
    - if [ ! -f codescan_succeeded ]; then exit 0 fi
    - cd /home/test/newmetadata/
    - chmod 777 /home/test/newmetadata/postbuild_test.txt
    - previousbuild=$(cat /home/test/newmetadata/postbuild_test.txt)
    - echo "previous successfull build is $previousbuild"
    - wget xxx"$previousbuild".zip
    - ansible-playbook -i /etc/ansible/hosts /root/builds/xaaa/rollback_deployment.yml -e "previousbuild=${previousbuild}" -vv
  when: on_failure   

您不需要用allow_failure: false标记作业.这是默认值.

You don't need to mark jobs with allow_failure: false. That's the default value.

这篇关于当我们在上一个阶段失败时，如何在gitlab-ci.yml中停止工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！