From 8ac4615400e6e1992a179576d20ee9f220aa117b Mon Sep 17 00:00:00 2001
From: Pierre Smeyers <pierre.smeyers@gmail.com>
Date: Tue, 21 Jun 2022 00:07:41 +0200
Subject: [PATCH] feat: adaptive pipeline rules

BREAKING CHANGE: change default workflow from Branch pipeline to MR pipeline

BREAKING CHANGE: removed SONAR_AUTO_ON_DEV_DISABLED
---
 README.md                     |  1 -
 kicker.json                   |  5 -----
 templates/gitlab-ci-sonar.yml | 33 ++++++++++++++++++++++-----------
 3 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index f672d9b..2420bf4 100644
--- a/README.md
+++ b/README.md
@@ -33,7 +33,6 @@ It is bound to the `test` stage, and uses the following variables:
 | :lock: `SONAR_GITLAB_TOKEN` | GitLab [access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) with `api` scope. When set, activates the [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) integration. | _none_ |
 | `SONAR_BRANCH_ANALYSIS_DISABLED` | Set to `true` to disable automatic [Pull Request Analysis](https://docs.sonarqube.org/latest/analysis/pull-request/) and [Branch Analysis](https://docs.sonarqube.org/latest/branches/overview/)  | _none_ (enabled) |
 | `SONAR_GITLAB_ARGS`      | Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties) | `-Dsonar.gitlab.url=${CI_SERVER_URL} -Dsonar.gitlab.user_token=${SONAR_GITLAB_TOKEN} -Dsonar.gitlab.project_id=${CI_PROJECT_ID} -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}` |
-| `SONAR_AUTO_ON_DEV_DISABLED` | When set to `true`, SonarQube analysis becomes **manual** on development branches (automatic otherwise) | _none_ |
 
 #### Automatic Branch Analysis & Pull Request Analysis
 
diff --git a/kicker.json b/kicker.json
index f84f49d..c22dd30 100644
--- a/kicker.json
+++ b/kicker.json
@@ -51,11 +51,6 @@
       "description": "Extra arguments to use with [Sonar GitLab plugin](https://github.com/gabrie-allaigre/sonar-gitlab-plugin/#plugins-properties)",
       "default": "-Dsonar.gitlab.url=${CI_SERVER_URL} -Dsonar.gitlab.user_token=${SONAR_GITLAB_TOKEN} -Dsonar.gitlab.project_id=${CI_PROJECT_ID} -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}",
       "advanced": true
-    },
-    {
-      "name": "SONAR_AUTO_ON_DEV_DISABLED",
-      "description": "When set, SonarQube analysis becomes **manual** on development branches (automatic otherwise)",
-      "type": "boolean"
     }
   ]
 }
diff --git a/templates/gitlab-ci-sonar.yml b/templates/gitlab-ci-sonar.yml
index df7032f..5c4a960 100644
--- a/templates/gitlab-ci-sonar.yml
+++ b/templates/gitlab-ci-sonar.yml
@@ -16,11 +16,30 @@
 # default workflow rules: Merge Request pipelines
 workflow:
   rules:
-    - if: '$CI_MERGE_REQUEST_ID'
+    # prevent branch pipeline when an MR is open (prefer MR pipeline)
     - if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS'
       when: never
     - when: always
 
+# test job prototype: implement adaptive pipeline rules
+.test-policy:
+  rules:
+    # on tag: auto & failing
+    - if: $CI_COMMIT_TAG
+    # on ADAPTIVE_PIPELINE_DISABLED: auto & failing
+    - if: '$ADAPTIVE_PIPELINE_DISABLED == "true"'
+    # on production or integration branch(es): auto & failing
+    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
+    # early stage (dev branch, no MR): manual & non-failing
+    - if: '$CI_MERGE_REQUEST_ID == null && $CI_OPEN_MERGE_REQUESTS == null'
+      when: manual
+      allow_failure: true
+    # Draft MR: auto & non-failing
+    - if: '$CI_MERGE_REQUEST_TITLE =~ /^Draft:.*/'
+      allow_failure: true
+    # else (Ready MR): auto & failing
+    - when: on_success
+
 variables:
   # variabilized tracking image
   TBC_TRACKING_IMAGE: "$CI_REGISTRY/to-be-continuous/tools/tracking:master"
@@ -300,13 +319,5 @@ sonar:
     # exclude if $SONAR_URL not set
     - if: '$SONAR_URL == null || $SONAR_URL == ""'
       when: never
-    # on tags: auto
-    - if: $CI_COMMIT_TAG
-    # on production or integration: auto
-    - if: '$CI_COMMIT_REF_NAME =~ $PROD_REF || $CI_COMMIT_REF_NAME =~ $INTEG_REF'
-    # else (non-production, non-integration branches): manual if $SONAR_AUTO_ON_DEV_DISABLED
-    - if: '$SONAR_AUTO_ON_DEV_DISABLED == "true"'
-      when: manual
-      allow_failure: true
-    # else: auto & allow failure
-    - allow_failure: true
+    - !reference [.test-policy, rules]
+
-- 
GitLab