The "publish-cleanup" tag pipeline job is currently created for all
security releases, including BIND -S releases, but it depends on the
"publish" job, which is only created for open source releases. This
breaks CI configuration for BIND -S tags, preventing pipelines from
getting created for such tags altogether. Fix by only creating the
"publish-cleanup" job in tag pipelines for open source security
releases.
(cherry picked from commit
bb40c3463831d5520faf3b9bec1703df2e836684)
.rule_tag_open_source_maintenance: &rule_tag_open_source_maintenance
- if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && $CI_COMMIT_TAG !~ /-S/ && $RELEASE_TYPE != "security"'
+.rule_tag_open_source_security: &rule_tag_open_source_security
+ - if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && $CI_COMMIT_TAG !~ /-S/ && $RELEASE_TYPE == "security"'
+
.rule_tag_security: &rule_tag_security
- if: '$CI_PROJECT_NAMESPACE == "isc-private" && $CI_COMMIT_TAG != null && $RELEASE_TYPE == "security"'
tags:
- smalljob
rules:
- - *rule_tag_security
+ - *rule_tag_open_source_security
.manual_release_job_qa: &manual_release_job_qa
<<: *manual_release_job
projects / thirdparty / bind9.git / commitdiff
