Check project visibility in pipelines
We've had a few issues with MRs of users forking the project to private, then the CI pipelines failing with the non-helpful error messages.
Quoting @JoseExposito from libinput/libinput!749 (comment 1271668) where he ran this as a test:
While creating the merge request, GitLab shows a big warning about your fork's visibility. In addition the pipeline fails [...] With a non very descriptive error
The error is seen here in this test job
Pulling docker image registry.freedesktop.org/joseexposito/libinput/fedora/34:2021-07-30.0 ...
WARNING: Failed to pull image with policy "always": Error response from daemon: manifest for registry.freedesktop.org/joseexposito/libinput/fedora/34:2021-07-30.0 not found (manager.go:203:0s)
ERROR: Job failed: failed to pull image "registry.freedesktop.org/joseexposito/libinput/fedora/34:2021-07-30.0" with specified policies [always]: Error response from daemon: manifest for registry.freedesktop.org/joseexposito/libinput/fedora/34:2021-07-30.0 not found (manager.go:203:0s)
gitlab has CI_PROJECT_VISIBILITY
which we could easily check, either through ci-fairy (so we get nice-looking junit results) or by adding a template. Problem is: ci-fairy check-merge-request
is often run last so the user has time to actually file the merge request after pushing. So this would have to be a separate command.
libinput is now using this blurb:
fail-if-fork-is-not-public:
stage: sanity check
script:
- |
if [ $CI_PROJECT_VISIBILITY != "public" ]; then
echo "*************************************************************************************"
echo "Project visibility must be set to 'public'"
echo "Change this in $CI_PROJECT_URL/edit under 'Visibility, project features, permissions'"
echo "*************************************************************************************"
exit 1
fi
except:
- main@libinput/libinput
Barely worth creating a template job for this, so I'm just leaving this here for others to copy/paste. Unless there's a demand for standardising this somehow.