I am using a single Jenkins job for each project in git, with a Gerrit server. Some of the build steps in these builds push Docker images to the registry. I am trying to prevent Gerrit verification builds from pushing these images, while allowing merge and push-button builds to do so.
In the simplest case, no other person is making changes to this project, and this is their only change.
I have Gerrit triggers set for Patchset Created and Draft Published, and a 5-minute Poll SCM timer set to catch merges. The default GERRIT_BRACH and GERRIT_REFSPEC are set to master and refs/for/master respectively.
In the body of the build script, I have:
if [ -z "${GERRIT_EVENT_TYPE}" -o "$GERRIT_EVENT_TYPE" = 'change-merged' ]
then
docker push $TAG
else
echo 'You should not push a verification build'
fi
so that push-button builds and merge builds will push the docker image.
A change is made on a refs/for/<changename> branch, and this triggers a verification build. The GERRIT_EVENT_TYPE environment variable is set to patchset
-created, as expected. I use this value in the build scripting to determine that the docker push should not be performed.
|
At some point, the change is verified, code-reviewed and then merged.
However, it appears that Git/Gerrit is determining that the change on the refs/for/<changename> branch will be the same as the merged code, and the timer being used to detect a merge does not detect a change, and no merge build occurs.
The only way out appears to be to push the image from all verification builds as well as merge builds, which is killing the registry and the downstream processes that need to somehow weed out all the unwanted verification build pushes. That's a huge amount of unexpected work for ~300 builds, and is unsustainable.
What am I doing wrong? How can I successfully differentiate between a verification build and a merge build?