Skip to content

CI: use commit SHA in persistent refspec

Jacob Vosmaer requested to merge jv-ci-refspec-sha into master

What does this MR do?

This is part of gitlab-com/gl-infra/scalability#746 (closed).

This changes the "persistent refspec" used by CI builds from the format +refs/pipelines/$PIPELINE_ID:refs/pipelines/$PIPELINE_ID to +$COMMIT_SHA/:refs/pipelines/$PIPELINE_ID. Because we made refs/pipelines/$PIPELINE_ID ourselves these two refspecs are equivalent.

As explained in gitlab-com/gl-infra/scalability#746 (closed), in some cases the form with the commit SHA is more efficient, so I think we should just always use that. In the special case where this helps, git fetch makes 2 HTTP requests instead of 3, because it does not try to resolve refs/pipelines/$PIPELINE_ID on the server.

Screenshots (strongly suggested)

To see a difference you need to set CI variable GIT_FETCH_EXTRA_FLAGS to --prune (to get rid of the default --quiet).

Fetching changes with git depth set to 50...
Reinitialized existing Git repository in REDACTED.git/
From http://127.0.0.1:3000/root/gitlab-test
 * [new ref]         5a19cd321e3ce0fbb6552ed3a656edf2395d44df -> refs/pipelines/9
Checking out 5a19cd32 as refs/merge-requests/2/head...
Skipping Git submodules setup

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Jacob Vosmaer

Merge request reports