CI: use commit SHA in persistent refspec
What does this MR do?
This is part of gitlab-com/gl-infra/scalability#746 (closed).
This changes the "persistent refspec" used by CI builds from the format +refs/pipelines/$PIPELINE_ID:refs/pipelines/$PIPELINE_ID
to +$COMMIT_SHA/:refs/pipelines/$PIPELINE_ID
. Because we made refs/pipelines/$PIPELINE_ID
ourselves these two refspecs are equivalent.
As explained in gitlab-com/gl-infra/scalability#746 (closed), in some cases the form with the commit SHA is more efficient, so I think we should just always use that. In the special case where this helps, git fetch
makes 2 HTTP requests instead of 3, because it does not try to resolve refs/pipelines/$PIPELINE_ID
on the server.
Screenshots (strongly suggested)
To see a difference you need to set CI variable GIT_FETCH_EXTRA_FLAGS
to --prune
(to get rid of the default --quiet
).
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in REDACTED.git/
From http://127.0.0.1:3000/root/gitlab-test
* [new ref] 5a19cd321e3ce0fbb6552ed3a656edf2395d44df -> refs/pipelines/9
Checking out 5a19cd32 as refs/merge-requests/2/head...
Skipping Git submodules setup
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team