I am trying to trigger a pipeline using $CI_JOB_TOKEN. But it gives a 404 error everytime. Is there somebody could block CI_JOB_TOKEN from triggering a pipeline ?? at access levels ??
curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.eample.com/api/v4/projects/73237/trigger/pipeline
For me using the CI_JOB_TOKEN also returned a 404 error for a private repository. When I instead executed the same command using a pipeline trigger token (Settings > CI/CD/ Pipeline triggers) it works as expected.
A similar problem is described in this issue https://gitlab.com/gitlab-org/gitlab/-/issues/17511
Just for clarification: You have to generate the token in the other project and then set it as a custom ci variable e.g. PIPELINE_TRIGGER_TOKEN in the project where you want to use it. Then in the curl request within .gitlab-ci.yml replace CI_JOB_TOKEN with PIPELINE_TRIGGER_TOKEN.
Could you please make sure the ref=master is correct? Recently master was changed to main your API call might be hitting a non-existent branch hence 404
Check also your GitLab version:
With GitLab 14.1 (July 2021), you have:
Default branch name redirect
Default branch name redirect
As part of the larger effort to rename Git’s default initial branch in a GitLab project from master to main, we are adding an automatic redirect to streamline the transition. Previously, when projects renamed the default branch, current URLs would result in 404 Not Found. This is a frustrating experience when you are trying to navigate between branches. Now, if you navigate to a file or directory path whose default branch was renamed, you will be redirected to the updated path automatically.
See Documentation and Issue.
So your problem might not exist with 14.1.
Related
Requirement - In my self hosted gitlab instance there are multiple projects maintained by different users which are all using one particular tag of an image from the container registry of my project. That tag is now outdated and I have created a new tag for the image and I would like to notify all the users to use the new tag
Is there any webhook available in gitlab which can be enabled for all PULL request of image:tag to send notifications (email,slack) to the authors of ci/cd pipelines?
Or maybe configure the pipeline to detect the image and tag being used and if it is the one in question then send notifications?
P.S. - Gitlab instance is using docker container registry
An approach that involves custom scripting. Less elegant than VonC's suggestion ;-)
… detect the image and tag being used and if it is the one in question then send notifications?
You could try tailing the logs while pulling the old tag manually.
Searching for the image & tag name in your log slice should help determine how the usernames of associated events can be parsed out. Probably with jq.
A custom script could then be added to regularly repeat that parsing and for example send an email to users who trigger those events.
"Webhook" ("custom HTTP callbacks") means a local listener to GitLab events.
Considering you are managing your GitLab instance, a better option would be to create a pipeline for external pull requests (since GitLab 12.3, Aug. 2019)
on-pull-requests:
script: echo 'this should run on pull requests'
only:
- external_pull_requests
This pipeline can check if a Dockerfile is being merged, and if that Dockerfile uses the wrong tag.
If it does, it can deny said pull request.
In a GitLab issue, you can associate a branch with an issue, and in the issue there will be the line
#whoever created the branch branchname to address this issue.
Is there a way of getting that branch using the issues API? I'm trying to set up an automation script that will merge all branches associated with issues that have a certain label into the prod branch, then push the result as a development brnach so I can deploy that to a dev environment. I don't want to use merge requests as they will be used when the dev work is complete and ready to be merged for deployment to production.
Unfortunately, there currently is no official API to fetch an issue's related branches.
Some possible ways you can work around this:
Use the notes API
When a user uses the issue interface to create the branch, you will see a system message, like you mention. This message will be present in the notes API for the issue.
Example using the python-gitlab library:
import re
...
branch_note_pattern = '^created branch \[\`(.*)\`\].*to address this issue'
issue = project.issues.get(ISSUE_NUMBER)
all_notes = list(issue.notes.list(as_list=False))
system_notes = [note for note in all_notes if note.system]
related_branches = []
for note in system_notes:
match = re.match(branch_note_pattern, note.body):
if match:
branch = match.groups()[0]
related_branches.append(branch)
print('BRANCHES RELATED TO ISSUE', ISSUE_NUMBER)
for branch_name in related_branches:
print(branch_name)
However, it is possible to have a related branch without that note appearing because the related branches is just based on naming convention. So, if someone just creates a branch with named like <issue_number>-some-branch-name then it will show up as a related branch, but there will not be a system message in the API.
So, if you rely on the notes API, you may miss related branches created manually.
Use the unofficial frontend API
The issues controller only returns related branches for the purposes of the frontend to render as HTML.
If you request /<:project_url>/-/issues/<:issue_number>/related_branches?format=json you will get a JSON response containing the HTML for the frontend to insert in the issue view. You can parse this HTML to get the related branches.
This will reliably fetch the same related branches you'll see in the UI, but is more work to implement, and is fragile because the API is not guaranteed to be stable between versions of GitLab.
Our Gitlab pipeline generates some performance graphs, which I would like to be sent to every team member via e-mail.
So far, they are marked as artifacts so Gitlab keeps them. Is there any way within Gitlab to achive this? Or should I do that within the job script?
There is no way currently to send artifacts via email from the gitlab interface. You will indeed have to send them from your job scripts.
Gitlab can send an email after a pipeline is finished (see in Settings>Integrations>Pipeline emails), but it doesn't attach artifacts.
Another way to share them would be to publish them in gitlab pages from your job script (doc here : https://docs.gitlab.com/ee/user/project/pages/index.html), but it wouldn't send an email.
It seems that a few years down the road nothing has changed yet (or I do not know about it).
send_email:
stage: notify
when: on_failure
script: curl -s --user "api:$MAILGUN_API_KEY"
"https://api.mailgun.net/v3/$MAILGUN_DOMAIN/messages"
-F from='Gitlab <gitlab#example.com>'
-F to=$GITLAB_USER_EMAIL
-F subject='Test results + report'
-F text='Testing some Mailgun awesomeness!'
-F attachment='#reports/report.html'
There are a few things you need to get this to work:
generate an artifact in another job (the file you want to upload; mine is reports/report.html)
define the variables MAILGUN_API_KEY and MAILGUN_DOMAIN
I needed something similar so here is a snippet from my pipeline.
I have also documented everything in a blog post. https://medium.com/#vdespa/send-gitlab-ci-reports-artifacts-via-e-mail-86bc96e66511
I hope this helps a bit.
I'm writing a bash script to automatically setup a private github repo, as well as setup a deployHQ project for the same. This works well. However I can not add the GitHub repository to deployhq (via bash script using curl api calls) seemingly because I figure that there hasn't been an initial commit yet.
The idea of the script is to set everything up initially. From GitHub to deployhq to uploading deployhq ssh-rsa keys to the github repository - For each client website we begin to work on.
I'm using API keys, and in particular I'm using a personal access token to send commands to GitHub.
So my question is, how do I setup a new repository on GitHub with an initial commit, before the project has even started? (in order to satisfy deployhq)
I figure I need to use the API key to do this, as to avoid any user prompts.
It could just be a simple README.md file.
This is what I'm using so far (which works).
Note: obviously this is just part of the script.
SETUP_GITHUB_PROJECT_JSON='{
"name": "'$DHQ_PROJECT_PERMALINK'",
"description": "This project is a test",
"private": "true"
}'
SETUP=`curl -X POST -d "$SETUP_GITHUB_PROJECT_JSON" -H "$HEADER_ACCEPT" -H "$HEADER_CONTENT_TYPE" -u $GITHUB_API_KEY:x-oauth-basic "$GITHUB_BASE_URL"user/repos`
Happy to clarify as needed.
We're using Gitlab for source control, and MantisBT for issue tracking (boss's orders!)
Now we want to implement some kind of regex in the Gitlab commit messages, when a commit contains 'Mantis#1' that it automaticly generates a URL to http://mantis.local/view.php?id=1
Is this possible in Gitlab, (without having to write in Ruby?), and if so, how ?
It's impossible without writing code. As variant you can try change config file:
Here described logic for Internal issue trackers. Here described rules for internal issue trackers. You can try configure your own tracker support.
As example (I don't know which urls in your issue tracker)
issues_tracker:
mantisbt:
title: "MantisBT"
project_url: "http://mantis.local/projects/:issues_tracker_id"
issues_url: "http://mantis.local/view.php?id=:id"
new_issue_url: "http://mantis.local/projects/:issues_tracker_id/issues/new"