← 返回
开发者工具
中文
GitLab
Avoid common GitLab CI/CD mistakes — rules gotchas, silent failures, and YAML merge traps.
避免常见的 GitLab CI/CD 错误——规则陷阱、静默失败和 YAML 合并陷阱。
ivangdavila
开发者工具
clawhub
v1.0.0 1 版本 99418.4 Key: 无需
#latest
概述
Rules Gotchas
rules: and only:/except: can't mix — use one or the other per job- First matching rule wins — put specific rules before general ones
- Missing
when: defaults to on_success — rules: - if: $CI_COMMIT_TAG runs on tag - Empty rules array
rules: [] means never run — different from no rules at all - Add
- when: never at end to prevent fallthrough — otherwise unmatched conditions may run
Silent Failures
- Protected variables missing on non-protected branches — job runs but variable is empty
- Runner tag mismatch — job stays pending forever with no error
docker:dind on non-privileged runner — fails with cryptic Docker errors- Masked variable format invalid — variable exposed in logs anyway
YAML Merge Traps
extends: doesn't deep merge arrays — scripts, variables arrays get replaced, not appended- Use
!reference [.job, script] to reuse — script: [!reference [.base, script], "my command"] include: files can override each other — last one wins for same keys- Anchors
&/* don't work across files — use extends: for cross-file reuse
Artifacts vs Cache
- Cache not guaranteed between runs — treat as optimization, not requirement
- Artifacts auto-download by stage — add
dependencies: [] to skip if not needed needs: downloads artifacts by default — needs: [{job: x, artifacts: false}] to skip
Docker-in-Docker
- Shared runners usually don't support privileged — need self-hosted or special config
DOCKER_HOST: tcp://docker:2375 required — job uses wrong Docker otherwiseDOCKER_TLS_CERTDIR: "" or configure TLS properly — half-configured TLS breaks builds
Pipeline Triggers
CI_PIPELINE_SOURCE differs by trigger — push, merge_request_event, schedule, api, trigger- MR pipelines need
rules: - if: $CI_MERGE_REQUEST_IID — not just branch rules - Detached vs merged result pipelines — detached tests source, merged tests result of merge
版本历史
共 1 个版本
-
v1.0.0
当前
2026-03-28 19:27 安全 安全
安全检测
腾讯云安全 (Sanbu)
安全,无风险
查看报告
🔗 相关推荐
developer-tools
steipete
Google Workspace 命令行工具,支持 Gmail、日历、云端硬盘、通讯录、表格和文档。
★ 920
📥 185,727
developer-tools
steipete
使用 `gh` CLI 与 GitHub 交互,通过 `gh issue`、`gh pr`、`gh run` 和 `gh api` 管理议题、PR、CI 运行及高级查询。
★ 666
📥 323,797
developer-tools
larsonreever
AI驱动平台,提供快速全栈开发、智能体、工作流自动化及低代码AI集成的可扩展产品创建。
★ 65
📥 179,847