Initial version of reusable workflow for trigger-gitlab-pipeline #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Trigger GitLab pipeline | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| triggered-ref: | ||
| description: 'GitLab project ref to trigger' | ||
| required: true | ||
| type: string | ||
| schedule: | ||
| description: 'Indication if it is a automatically scheduled request' | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| cancel-outdated-pipelines: | ||
| description: 'If set to true, it will cancel previous pipelines that are running for the same github ref' | ||
| required: false | ||
| default: true | ||
| type: boolean | ||
| secrets: | ||
| ci-api-v4-url: | ||
| description: 'GitLab API v4 root URL' | ||
| required: true | ||
| access-token: | ||
| description: 'GitLab API access token' | ||
| required: true | ||
| trigger-token: | ||
| description: 'GitLab API trigger token' | ||
| required: true | ||
| project-id: | ||
| description: 'GitLab project ID' | ||
| required: true | ||
| jobs: | ||
| authorize: | ||
| environment: ${{ (github.event_name == 'pull_request_target' && | ||
| github.event.pull_request.head.repo.full_name != github.repository) && | ||
| 'External' || 'Internal' }} | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| run: echo "Authorized the job to run" # This step will only execute if the pipeline has necessary approvals to run | ||
| trigger-gitlab-pipeline: | ||
| needs: authorize | ||
| runs-on: [self-hosted, gitlab] | ||
| steps: | ||
| # Note: actions/checkout will run in the context of the caller workflow | ||
| # meaning, that we cannot use checkout defaults, and must specify | ||
| # this repo explicitly, to get its contents | ||
| # | ||
| # There might be a better way to do that, but I would like to avoid | ||
| # making this as inputs or secrets to have less manipulatable inputs | ||
| - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | ||
| with: | ||
| repository: NordSecurity/trigger-gitlab-pipeline | ||
| ref: LLT-5701_implement_reusable_workflow_to_enable_workflow_pinning_on_non_ephemeral_runners # Change to "main" after merge or figure out how to find out which reference was called | ||
| - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | ||
| with: | ||
| node-version: 20 | ||
| - name: Dependencies install | ||
| run: npm install | ||
| - name: Run triggering script | ||
| run: node index.js # It will not be accessible as of now, but it is enough for testing. | ||
| env: | ||
| TRIGGERED_REF: ${{ inputs.triggered-ref }} | ||
| SCHEDULE: ${{ inputs.schedule }} | ||
| CANCEL_OUTDATED_PIPELINES: ${{ inputs.cancel-outdated-pipelines }} | ||
| CI_API_V4_URL: ${{ secrets.ci-api-v4-url }} | ||
| ACCESS_TOKEN: ${{ secrets.access-token }} | ||
| TRIGGER_TOKEN: ${{ secrets.trigger-token }} | ||
| PROJECT_ID: ${{ secrets.project-id }} | ||
