diff --git a/gitlab-ci/README.md b/gitlab-ci/README.md new file mode 100644 index 00000000..237774ff --- /dev/null +++ b/gitlab-ci/README.md @@ -0,0 +1,123 @@ +# gitlab-ci + +`gitlab-ci` is a KCL module for authoring GitLab CI/CD pipelines (`.gitlab-ci.yml`). +After installation, import it in KCL as `gitlab_ci`. + +Schemas are generated from GitLab's official JSON Schema (`ci.json`) and +post-processed for stability. The module intentionally does **not** emit +GitLab defaults into the output YAML, to avoid silently overriding `default:` +blocks at job level. + +## Install + +```bash +kcl mod add gitlab-ci:0.1.0 +``` + +## Public API + +| Name | Purpose | +|---|---| +| `Pipeline` | Root `.gitlab-ci.yml` document | +| `Header` | `spec:` header document (precedes pipeline with `---`) | +| `Spec` | Content of the `spec:` section | +| `Input` | Input for `spec.inputs` (`default` is **optional**, matches `configInputs`) | +| `JobInput` | Input for `job.inputs` (`default` is **required**, matches `jobInputs`) | +| `Job` | Reusable job definition | +| `Workflow` | Content of the `workflow:` section | + +Rules in `rules:` blocks are written as plain dicts. GitLab has multiple rule +shapes (workflow rules, job rules, pages rules) and a single Rule schema +cannot satisfy all of them. + +## Quick start + +```kcl +import gitlab_ci as ci + +ci.Pipeline { + stages = ["build", "test"] + "build" = ci.Job { + stage = "build" + script = ["echo build"] + } + "test" = ci.Job { + stage = "test" + script = ["echo test"] + } +} +``` + +## Component-style pipeline with inputs + +```kcl +import manifests +import gitlab_ci as ci + +header = ci.Header { + spec = ci.Spec { + inputs = { + stage = ci.Input { default = "test" } + image = ci.Input { + $type = "string" + default = "alpine:latest" + } + required_one = ci.Input { + description = "no default = required input" + } + } + } +} + +pipeline = ci.Pipeline { + "build" = ci.Job { + stage = "$[[ inputs.stage ]]" + image = "$[[ inputs.image ]]" + script = ["echo build"] + } +} + +manifests.yaml_stream([header, pipeline]) +``` + +## Job-level inputs + +`job.inputs` requires `default` per GitLab schema. Use `JobInput` (not `Input`) +to get the correct constraint: + +```kcl +import gitlab_ci as ci + +ci.Pipeline { + "deploy" = ci.Job { + inputs = { + target = ci.JobInput { default = "staging" } + } + script = ["deploy $[[ inputs.target ]]"] + } +} +``` + +KCL rejects `job.inputs` entries that omit `default`. + +## Defaults policy + +This module strips GitLab defaults during schema generation. Writing only +`script = [...]` produces only `script:` in the YAML — no `when: on_success`, +no `interruptible: false`, no `stages: [build, test, deploy]`. + +This is intentional. Emitting `interruptible: false` at job level would +override a `default: { interruptible: true }` block, silently breaking +pipeline semantics. GitLab applies its own defaults at runtime. + +## Spec section requires a YAML separator + +GitLab requires `spec:` to live in a separate YAML document, preceded by `---`. +This module exposes a `Header` schema for the spec section and a `Pipeline` +schema for the body. Use `manifests.yaml_stream([header, pipeline])` to emit +both with the `---` separator. This is pure KCL — no external tools needed. + +## Source + +The module is generated from GitLab's official schema: +https://gitlab.com/gitlab-org/gitlab/-/raw/master/app/assets/javascripts/editor/schema/ci.json diff --git a/gitlab-ci/artifacthub-pkg.yaml b/gitlab-ci/artifacthub-pkg.yaml new file mode 100644 index 00000000..35d446ac --- /dev/null +++ b/gitlab-ci/artifacthub-pkg.yaml @@ -0,0 +1,24 @@ +version: 0.1.0 +name: gitlab-ci +displayName: GitLab CI/CD +description: "`gitlab-ci` is a KCL module for authoring GitLab CI/CD pipelines" +links: +- name: GitLab CI/CD YAML syntax reference + url: https://docs.gitlab.com/ci/yaml/ +- name: KCL homepage + url: https://kcl-lang.io/ +install: | + #### Add `gitlab-ci` with tag `0.1.0` as dependency + ``` + kcl mod add gitlab-ci:0.1.0 + ``` + + #### Pull `gitlab-ci` with tag `0.1.0` to local + ``` + kcl mod pull gitlab-ci:0.1.0 + ``` +maintainers: +- name: kcl-lang.io + email: kcl-lang.io@domainsbyproxy.com +provider: + name: kcl-lang.io diff --git a/gitlab-ci/kcl.mod b/gitlab-ci/kcl.mod new file mode 100644 index 00000000..9b37486a --- /dev/null +++ b/gitlab-ci/kcl.mod @@ -0,0 +1,5 @@ +[package] +name = "gitlab-ci" +edition = "v0.12.3" +version = "0.1.0" +description = "KCL schemas for authoring GitLab CI/CD pipelines (.gitlab-ci.yml)" diff --git a/gitlab-ci/kcl.mod.lock b/gitlab-ci/kcl.mod.lock new file mode 100644 index 00000000..e69de29b diff --git a/gitlab-ci/main.k b/gitlab-ci/main.k new file mode 100644 index 00000000..bc5aa264 --- /dev/null +++ b/gitlab-ci/main.k @@ -0,0 +1,9 @@ +schema GitlabCi: + r""" + GitlabCi is the entrypoint schema for a GitLab CI/CD pipeline file (.gitlab-ci.yml). + """ + ci: GitlabCiYml + + check: + ci + diff --git a/gitlab-ci/public.k b/gitlab-ci/public.k new file mode 100644 index 00000000..c245ce77 --- /dev/null +++ b/gitlab-ci/public.k @@ -0,0 +1,99 @@ +""" +Public API for GitLab CI/CD pipelines. + +This file provides the recommended, stable, short-named schemas for authoring +.gitlab-ci.yml configurations. The verbose internal schemas (from JSON Schema +auto-generation) live in schema.k. + +Use these names instead of the internal ones: + + Pipeline - root .gitlab-ci.yml (type alias of GitlabCiYml) + Header - spec/inputs header document (precedes pipeline with `---`) + Spec - spec section content (from schema.k) + Input - input definition for spec.inputs (type alias of BaseInput) + default is OPTIONAL (matches GitLab configInputs) + JobInput - input definition for job.inputs (from schema.k) + default is REQUIRED (matches GitLab jobInputs) + Job - reusable job definition (from schema.k) + Workflow - workflow section content (type alias of PipelineWorkflow) + +Rules: write `rules:` entries as plain dicts (e.g. `{"if" = "$VAR", when = "manual"}`). +GitLab has multiple internal rule shapes (workflow rules, job rules, pages +rules) and a single Rule schema cannot satisfy all of them. KCL accepts plain +dicts thanks to the schema's union types. + +Example - simple pipeline: + + import gitlab_ci as ci + + pipeline = ci.Pipeline { + stages = ["build", "test"] + "build" = ci.Job { + stage = "build" + script = ["echo build"] + } + } + +Example - component with header (spec inputs, default optional): + + import manifests + import gitlab_ci as ci + + header = ci.Header { + spec = ci.Spec { + inputs = { + stage = ci.Input { default = "test" } + required_one = ci.Input { + description = "no default = required" + } + } + } + } + + pipeline = ci.Pipeline { + "build" = ci.Job { + stage = "$[[ inputs.stage ]]" + script = ["echo build"] + } + } + + manifests.yaml_stream([header, pipeline]) + +Example - job with inputs (default REQUIRED per GitLab spec): + + pipeline = ci.Pipeline { + "deploy" = ci.Job { + inputs = { + target = ci.JobInput { default = "staging" } + } + script = ["deploy $[[ inputs.target ]]"] + } + } +""" + +# Type aliases for the public API. +# +# We use `type X = Y` instead of: +# - `schema X(Y):` because empty inheritance does NOT propagate index +# signatures like `[...str]: JobV0 | JobV1 | Job`. Users would lose +# the ability to add jobs as dynamic properties on Pipeline. +# - `mixin` because mixins add behavior to a schema, not aliases for it. +# - `protocol` because protocols describe shapes for mixin targets, not +# replacements for union types. +# +# Type aliases preserve the full underlying schema including [...str]. +type Pipeline = GitlabCiYml +type Workflow = PipelineWorkflow +type Input = BaseInput + +schema Header: + r""" + Header document with the spec section. Must be emitted as a separate + YAML document, before the pipeline body, separated by `---`. + Use manifests.yaml_stream([header, pipeline]) to emit both. + + Attributes + ---------- + spec : Spec, optional + """ + spec?: Spec diff --git a/gitlab-ci/schema.k b/gitlab-ci/schema.k new file mode 100644 index 00000000..b0f8b225 --- /dev/null +++ b/gitlab-ci/schema.k @@ -0,0 +1,2796 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex + +schema GitlabCiYml: + r""" + GitlabCiYml + + Attributes + ---------- + "$schema" : str, optional + spec : Spec, optional + image : str | PipelineImageV1, optional + services : [str | PipelineServicesItemV1], optional + before_script : str | [any], optional + after_script : str | [any], optional + variables : GlobalVariables, optional + cache : CacheItem | [CacheItem], optional + "!reference" : [str], optional + default : PipelineDefault, optional + stages : [any], optional, default is ["build", "test", "deploy"] + include : str | IncludeV0V1 | IncludeV0V2 | IncludeV0V3 | IncludeV0V4 | IncludeV0V5 | [str | IncludeV1ItemV1 | IncludeV1ItemV2 | IncludeV1ItemV3 | IncludeV1ItemV4 | IncludeV1ItemV5], optional + pages : JobV0 | JobV1 | Job, optional + workflow : PipelineWorkflow, optional + """ + + "$schema"?: str + spec?: Spec + image?: str | PipelineImageV1 + services?: [str | PipelineServicesItemV1] + before_script?: str | [any] + after_script?: str | [any] + variables?: GlobalVariables + cache?: CacheItem | [CacheItem] + "!reference"?: [str] + default?: PipelineDefault + stages?: [any] + include?: str | IncludeV0V1 | IncludeV0V2 | IncludeV0V3 | IncludeV0V4 | IncludeV0V5 | [str | IncludeV1ItemV1 | IncludeV1ItemV2 | IncludeV1ItemV3 | IncludeV1ItemV4 | IncludeV1ItemV5] + pages?: JobV0 | JobV1 | Job + workflow?: PipelineWorkflow + [...str]: JobV0 | JobV1 | Job + + check: + len(stages) >= 1 if stages + isunique(stages) if stages + +schema Artifacts: + r""" + Artifacts + + Attributes + ---------- + paths : [str], optional + exclude : [str], optional + expose_as : str, optional + name : str, optional + untracked : bool, optional, default is False + when : "on_success" | "on_failure" | "always", optional, default is "on_success" + access : "none" | "developer" | "maintainer" | "all", optional, default is "all" + expire_in : str, optional, default is "30 days" + reports : JobArtifactsReports, optional + """ + + paths?: [str] + exclude?: [str] + expose_as?: str + name?: str + untracked?: bool + when?: "on_success" | "on_failure" | "always" + access?: "none" | "developer" | "maintainer" | "all" + expire_in?: str + reports?: JobArtifactsReports + + check: + len(paths) >= 1 if paths + len(exclude) >= 1 if exclude + +schema BaseInput: + r""" + BaseInput + + Attributes + ---------- + $type : "array" | "boolean" | "number" | "string", optional, default is "string" + description : str, optional + options : [str | float | bool], optional + regex : str, optional + default : any, required + """ + + $type?: "array" | "boolean" | "number" | "string" + description?: str + options?: [str | float | bool] + regex?: str + default?: any + + check: + len(description) <= 1024 if description + +schema JobInput: + r""" + JobInput defines an input parameter for job.inputs. + Unlike spec.inputs, job.inputs REQUIRE a default value per GitLab schema. + + Attributes + ---------- + $type : "array" | "boolean" | "number" | "string", optional + description : str, optional + options : [str | float | bool], optional + regex : str, optional + default : any, required + """ + + $type?: "array" | "boolean" | "number" | "string" + description?: str + options?: [str | float | bool] + regex?: str + default: any + + check: + len(description) <= 1024 if description + +schema CacheItem: + r""" + CacheItem + + Attributes + ---------- + key : str | JobCacheV1ItemKeyV1, optional + paths : [str], optional + policy : str, optional, default is "pull-push" + unprotect : bool, optional, default is False + untracked : bool, optional, default is False + when : "on_success" | "on_failure" | "always", optional, default is "on_success" + fallback_keys : [str], optional + """ + + key?: str | JobCacheV1ItemKeyV1 + paths?: [str] + policy?: str + unprotect?: bool + untracked?: bool + when?: "on_success" | "on_failure" | "always" + fallback_keys?: [str] + + check: + policy in ["pull-push", "pull", "push"] or regex.match(policy, r"^\$[A-Za-z0-9_]+$") if policy + len(fallback_keys) <= 5 if fallback_keys + +schema ConfigInputs: + r""" + ConfigInputs + """ + + [key: str]: BaseInput + + check: + regex.match(key, r".*") + +schema JobAllowFailureV1: + r""" + Exit code that are not considered failure. The job fails for any other exit code. + + Attributes + ---------- + exit_codes : int, required + """ + + exit_codes: int | [int] + +schema JobAllowFailureV2: + r""" + You can list which exit codes are not considered failures. The job fails for any other exit code. + + Attributes + ---------- + exit_codes : [int], required + """ + + exit_codes: [int] + + check: + len(exit_codes) >= 1 + isunique(exit_codes) + +schema JobArtifactsReports: + r""" + JobArtifactsReports + + Attributes + ---------- + accessibility : str, optional + Path to JSON file with accessibility report. + annotations : str, optional + Path to JSON file with annotations report. + junit : str | [str], optional + Path for file(s) that should be parsed as JUnit XML result + browser_performance : str, optional + Path to a single file with browser performance metric report(s). + coverage_report : any | JobArtifactsReportsCoverageReport, optional + Used to collect coverage reports from the job. + codequality : str | [str], optional + Path to file or list of files with code quality report(s) (such as Code Climate). + dotenv : str | [str], optional + Path to file or list of files containing runtime-created variables for this job. + lsif : str | [str], optional + Path to file or list of files containing code intelligence (Language Server Index Format). + sast : str | [str], optional + Path to file or list of files with SAST vulnerabilities report(s). + dependency_scanning : str | [str], optional + Path to file or list of files with Dependency scanning vulnerabilities report(s). + container_scanning : str | [str], optional + Path to file or list of files with Container scanning vulnerabilities report(s). + dast : str | [str], optional + Path to file or list of files with DAST vulnerabilities report(s). + license_management : str | [str], optional + Deprecated in 12.8: Path to file or list of files with license report(s). + license_scanning : str | [str], optional + Path to file or list of files with license report(s). + requirements : str | [str], optional + Path to file or list of files with requirements report(s). + secret_detection : str | [str], optional + Path to file or list of files with secret detection report(s). + metrics : str | [str], optional + Path to file or list of files with custom metrics report(s). + terraform : str | [str], optional + Path to file or list of files with terraform plan(s). + cyclonedx : str | [str], optional + sarif : str | [str], optional + load_performance : str | [str], optional + repository_xray : str | [str], optional + Path to file or list of files with Repository X-Ray report(s). + """ + + accessibility?: str + annotations?: str + junit?: str | [str] + browser_performance?: str + coverage_report?: any | JobArtifactsReportsCoverageReport + codequality?: str | [str] + dotenv?: str | [str] + lsif?: str | [str] + sast?: str | [str] + dependency_scanning?: str | [str] + container_scanning?: str | [str] + dast?: str | [str] + license_management?: str | [str] + license_scanning?: str | [str] + requirements?: str | [str] + secret_detection?: str | [str] + metrics?: str | [str] + terraform?: str | [str] + cyclonedx?: str | [str] + sarif?: str | [str] + load_performance?: str | [str] + repository_xray?: str | [str] + +schema JobArtifactsReportsCoverageReport: + r""" + Used to collect coverage reports from the job. + + Attributes + ---------- + coverage_format : "cobertura" | "jacoco", optional + Code coverage format used by the test framework. + path : str, optional + Path to the coverage report file that should be parsed. + """ + + coverage_format?: "cobertura" | "jacoco" + path?: str + + check: + len(path) >= 1 if path + +schema JobCacheV0KeyV1: + r""" + JobCacheV0KeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema JobCacheV1ItemKeyV1: + r""" + JobCacheV1ItemKeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema JobEnvironmentV1: + r""" + JobEnvironmentV1 + + Attributes + ---------- + name : str, required + The name of the environment, e.g. 'qa', 'staging', 'production'. + url : str, optional + When set, this will expose buttons in various places for the current environment in GitLab, that will take you to the defined URL. + on_stop : str, optional + The name of a job to execute when the environment is about to be stopped. + action : "start" | "prepare" | "stop" | "verify" | "access", optional, default is "start" + Specifies what this job will do. 'start' (default) indicates the job will start the deployment. 'prepare'/'verify'/'access' indicates this will not affect the deployment. 'stop' indicates this will stop the deployment. + auto_stop_in : str, optional + The amount of time it should take before GitLab will automatically stop the environment. Supports a wide variety of formats, e.g. '1 week', '3 mins 4 sec', '2 hrs 20 min', '2h20min', '6 mos 1 day', '47 yrs 6 mos and 4d', '3 weeks and 2 days'. + kubernetes : JobEnvironmentV1Kubernetes, optional + Used to configure the kubernetes deployment for this environment. This is currently not supported for kubernetes clusters that are managed by GitLab. + deployment_tier : str, optional + Explicitly specifies the tier of the deployment environment if non-standard environment name is used. + """ + + name: str + url?: str + on_stop?: str + action?: "start" | "prepare" | "stop" | "verify" | "access" + auto_stop_in?: str + kubernetes?: JobEnvironmentV1Kubernetes + deployment_tier?: str + + check: + len(name) >= 1 + regex.match(url, r"^(https?://.+|\$[A-Za-z]+)") if url + regex.match(url, r"^[a-zA-Z][a-zA-Z0-9+-.]*://[^/?#]+(?:/[^?#]*)?(?:\?[^#]*)?(?:#.*)?$") if url + +schema JobEnvironmentV1Kubernetes: + r""" + Used to configure the kubernetes deployment for this environment. This is currently not supported for kubernetes clusters that are managed by GitLab. + + Attributes + ---------- + agent : str, optional + Specifies the GitLab Agent for Kubernetes. The format is `path/to/agent/project:agent-name`. + namespace : str, optional + Deprecated. Use `dashboard.namespace` instead. The kubernetes namespace where this environment's dashboard should be deployed to. + flux_resource_path : str, optional + Deprecated. Use `dashboard.flux_resource_path` instead. The Flux resource path to associate with this environment. This must be the full resource path. For example, 'helm.toolkit.fluxcd.io/v2/namespaces/gitlab-agent/helmreleases/gitlab-agent'. + managed_resources : JobEnvironmentV1KubernetesManagedResources, optional + Used to configure the managed resources for this environment. + dashboard : JobEnvironmentV1KubernetesDashboard, optional + Used to configure the dashboard for this environment. + """ + + agent?: str + namespace?: str + flux_resource_path?: str + managed_resources?: JobEnvironmentV1KubernetesManagedResources + dashboard?: JobEnvironmentV1KubernetesDashboard + + check: + len(namespace) >= 1 if namespace + +schema JobEnvironmentV1KubernetesDashboard: + r""" + Used to configure the dashboard for this environment. + + Attributes + ---------- + namespace : str, optional + The kubernetes namespace where the dashboard for this environment should be deployed to. + flux_resource_path : str, optional + The Flux resource path to associate with this environment. This must be the full resource path. For example, 'helm.toolkit.fluxcd.io/v2/namespaces/gitlab-agent/helmreleases/gitlab-agent'. + """ + + namespace?: str + flux_resource_path?: str + + check: + len(namespace) >= 1 if namespace + +schema JobEnvironmentV1KubernetesManagedResources: + r""" + Used to configure the managed resources for this environment. + + Attributes + ---------- + enabled : bool, optional, default is True + Indicates whether the managed resources are enabled for this environment. + """ + + enabled?: bool + +schema JobExceptV2: + r""" + JobExceptV2 + + Attributes + ---------- + refs : [any | any | any | any], optional + Filter job by different keywords that determine origin or state, or by supplying string/regex to check against branch/tag names. + kubernetes : "active", optional + Filter job based on if Kubernetes integration is active. + variables : [str], optional + changes : [str], optional + Filter job creation based on files that were modified in a git push. + """ + + refs?: [any | any | any | any] + kubernetes?: "active" + variables?: [str] + changes?: [str] + +schema JobIdTokens: + r""" + JobIdTokens + + Attributes + ---------- + aud : str | [str], required + """ + + aud: str | [str] + +schema JobImageV1: + r""" + Specifies the docker image to use for the job or globally for all jobs. Job configuration takes precedence over global setting. Requires a certain kind of GitLab runner executor. + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : any, optional + Command or script that should be executed as the container's entrypoint. It will be translated to Docker's --entrypoint option while creating the container. The syntax is similar to Dockerfile's ENTRYPOINT directive, where each shell token is a separate string in the array. + docker : JobImageV1Docker, optional + kubernetes : JobImageV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + """ + + name: str + entrypoint?: any + docker?: JobImageV1Docker + kubernetes?: JobImageV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + +schema JobImageV1Docker: + r""" + JobImageV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema JobImageV1Kubernetes: + r""" + JobImageV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema JobInherit: + r""" + JobInherit + + Attributes + ---------- + default : bool | ["after_script" | "artifacts" | "before_script" | "cache" | "image" | "interruptible" | "retry" | "services" | "tags" | "timeout"], optional + variables : bool | [str], optional + """ + + default?: bool | [str] + variables?: bool | [str] + +schema JobNeedsItemV1: + r""" + JobNeedsItemV1 + + Attributes + ---------- + job : str, required + artifacts : bool, optional + optional : bool, optional + parallel : JobNeedsItemV1ParallelV0, optional + Use the `needs:parallel:matrix` keyword to specify parallelized jobs needed to be completed for the job to run. [Learn More](https://docs.gitlab.com/ci/yaml/#needsparallelmatrix) + """ + + job: str + artifacts?: any + optional?: any + parallel?: JobNeedsItemV1ParallelV0 + +schema JobNeedsItemV1ParallelV0: + r""" + JobNeedsItemV1ParallelV0 + + Attributes + ---------- + matrix : [JobNeedsItemV1ParallelV0MatrixItem], required + Defines different variables for jobs that are running in parallel. + """ + + matrix: [JobNeedsItemV1ParallelV0MatrixItem] + + check: + len(matrix) <= 200 + +schema JobNeedsItemV1ParallelV0MatrixItem: + r""" + Defines the variables for a specific job. + """ + + [...str]: str | float | [any] + +schema JobNeedsItemV2: + r""" + JobNeedsItemV2 + + Attributes + ---------- + pipeline : str, required + job : str, required + artifacts : bool, optional + parallel : JobNeedsItemV2ParallelV0, optional + Use the `needs:parallel:matrix` keyword to specify parallelized jobs needed to be completed for the job to run. [Learn More](https://docs.gitlab.com/ci/yaml/#needsparallelmatrix) + """ + + pipeline: str + job: str + artifacts?: any + parallel?: JobNeedsItemV2ParallelV0 + +schema JobNeedsItemV2ParallelV0: + r""" + JobNeedsItemV2ParallelV0 + + Attributes + ---------- + matrix : [JobNeedsItemV2ParallelV0MatrixItem], required + Defines different variables for jobs that are running in parallel. + """ + + matrix: [JobNeedsItemV2ParallelV0MatrixItem] + + check: + len(matrix) <= 200 + +schema JobNeedsItemV2ParallelV0MatrixItem: + r""" + Defines the variables for a specific job. + """ + + [...str]: str | float | [any] + +schema JobNeedsItemV3: + r""" + JobNeedsItemV3 + + Attributes + ---------- + job : str, required + project : str, required + ref : str, required + artifacts : bool, optional + parallel : JobNeedsItemV3ParallelV0, optional + Use the `needs:parallel:matrix` keyword to specify parallelized jobs needed to be completed for the job to run. [Learn More](https://docs.gitlab.com/ci/yaml/#needsparallelmatrix) + """ + + job: str + project: str + ref: str + artifacts?: any + parallel?: JobNeedsItemV3ParallelV0 + +schema JobNeedsItemV3ParallelV0: + r""" + JobNeedsItemV3ParallelV0 + + Attributes + ---------- + matrix : [JobNeedsItemV3ParallelV0MatrixItem], required + Defines different variables for jobs that are running in parallel. + """ + + matrix: [JobNeedsItemV3ParallelV0MatrixItem] + + check: + len(matrix) <= 200 + +schema JobNeedsItemV3ParallelV0MatrixItem: + r""" + Defines the variables for a specific job. + """ + + [...str]: str | float | [any] + +schema JobV0: + r""" + JobV0 + + Attributes + ---------- + when : "delayed", required + """ + + when: "delayed" + +schema JobV1: + r""" + JobV1 + + Attributes + ---------- + when : any, optional + """ + + when?: any + +schema JobOnlyV2: + r""" + JobOnlyV2 + + Attributes + ---------- + refs : [any | any | any], optional + Filter job by different keywords that determine origin or state, or by supplying string/regex to check against branch/tag names. + kubernetes : "active", optional + Filter job based on if Kubernetes integration is active. + variables : [str], optional + changes : [str], optional + Filter job creation based on files that were modified in a git push. + """ + + refs?: [any | any | any] + kubernetes?: "active" + variables?: [str] + changes?: [str] + +schema JobPagesV0: + r""" + JobPagesV0 + + Attributes + ---------- + path_prefix : str, optional + expire_in : str, optional + publish : str, optional + """ + + path_prefix?: str + expire_in?: str + publish?: str + +schema JobParallelV1: + r""" + JobParallelV1 + + Attributes + ---------- + matrix : [JobParallelV1MatrixItem], required + Defines different variables for jobs that are running in parallel. + """ + + matrix: [JobParallelV1MatrixItem] + + check: + len(matrix) <= 200 + +schema JobParallelV1MatrixItem: + r""" + Defines the variables for a specific job. + """ + + [...str]: str | float | [any] + +schema JobRelease: + r""" + Indicates that the job creates a Release. + + Attributes + ---------- + tag_name : str, required + The tag_name must be specified. It can refer to an existing Git tag or can be specified by the user. + tag_message : str, optional + Message to use if creating a new annotated tag. + description : str, required + Specifies the longer description of the Release. + name : str, optional + The Release name. If omitted, it is populated with the value of release: tag_name. + ref : str, optional + If the release: tag_name doesn’t exist yet, the release is created from ref. ref can be a commit SHA, another tag name, or a branch name. + milestones : [str], optional + The title of each milestone the release is associated with. + released_at : str, optional + The date and time when the release is ready. Defaults to the current date and time if not defined. Should be enclosed in quotes and expressed in ISO 8601 format. + assets : JobReleaseAssets, optional + """ + + tag_name: str + tag_message?: str + description: str + name?: str + ref?: str + milestones?: [str] + released_at?: str + assets?: JobReleaseAssets + + check: + len(tag_name) >= 1 + len(description) >= 1 + regex.match(released_at, r"^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]|1\d|2[0-8])|(?:0[13-9]|1[0-2])-(?:29|30)|(?:0[13578]|1[02])-31)|(?:[1-9]\d(?:0[48]|[2468][048]|[13579][26])|(?:[2468][048]|[13579][26])00)-02-29)T(?:[01]\d|2[0-3]):[0-5]\d:[0-5]\d(?:Z|[+-][01]\d:[0-5]\d)$") if released_at + regex.match(released_at, r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$") if released_at + +schema JobReleaseAssets: + r""" + JobReleaseAssets + + Attributes + ---------- + links : [JobReleaseAssetsLinksItem], required + Include asset links in the release. + """ + + links: [JobReleaseAssetsLinksItem] + + check: + len(links) >= 1 + +schema JobReleaseAssetsLinksItem: + r""" + JobReleaseAssetsLinksItem + + Attributes + ---------- + name : str, required + The name of the link. + url : str, required + The URL to download a file. + filepath : str, optional + The redirect link to the url. + link_type : "runbook" | "package" | "image" | "other", optional + The content kind of what users can download via url. + """ + + name: str + url: str + filepath?: str + link_type?: "runbook" | "package" | "image" | "other" + + check: + len(name) >= 1 + len(url) >= 1 + +schema JobRetryV1: + r""" + JobRetryV1 + + Attributes + ---------- + max : int, optional, default is 0 + The number of times the job will be retried if it fails. Defaults to 0 and can max be retried 2 times (3 times total). + when : "always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure" | ["always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure"], optional + exit_codes : [int] | int, optional + """ + + max?: int + when?: "always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure" | ["always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure"] + exit_codes?: [int] | int + + check: + max <= 2 if max + max >= 0 if max + +schema JobRunItemV0: + r""" + Run a referenced function. + + Attributes + ---------- + name : str, required + env : StepNamedStrings, optional + inputs : StepNamedValues, optional + step : str | StepGitReference | StepOciReference, optional + func : str | StepGitReference | StepOciReference, optional + """ + + name: str + env?: StepNamedStrings + inputs?: StepNamedValues + step?: str | StepGitReference | StepOciReference + func?: str | StepGitReference | StepOciReference + + check: + (step and not func) or (func and not step) + regex.match(name, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + +schema JobRunItemV0FuncV1Git: + r""" + JobRunItemV0FuncV1Git + + Attributes + ---------- + url : str, required + dir : str, optional + rev : str, required + file : str, optional + """ + + url: str + dir?: str + rev: str + file?: str + +schema JobRunItemV0FuncV2Oci: + r""" + JobRunItemV0FuncV2Oci + + Attributes + ---------- + registry : str, required + The [:] of the container registry server. + repository : str, required + A path within the registry containing related OCI images. Typically the namespace, project, and image name. + tag : str, required + A pointer to the image manifest hosted in the OCI repository. + dir : str, optional + A directory inside the OCI image where the function can be found. + file : str, optional + The name of the file that defines the function, defaults to func.yml. + """ + + registry: str + repository: str + tag: str + dir?: str + file?: str + +schema JobRunItemV0StepV1Git: + r""" + JobRunItemV0StepV1Git + + Attributes + ---------- + url : str, required + dir : str, optional + rev : str, required + file : str, optional + """ + + url: str + dir?: str + rev: str + file?: str + +schema JobRunItemV0StepV2Oci: + r""" + JobRunItemV0StepV2Oci + + Attributes + ---------- + registry : str, required + The [:] of the container registry server. + repository : str, required + A path within the registry containing related OCI images. Typically the namespace, project, and image name. + tag : str, required + A pointer to the image manifest hosted in the OCI repository. + dir : str, optional + A directory inside the OCI image where the function can be found. + file : str, optional + The name of the file that defines the function, defaults to func.yml. + """ + + registry: str + repository: str + tag: str + dir?: str + file?: str + +schema JobRunItemV1: + r""" + Run a script. + + Attributes + ---------- + name : str, required + env : StepNamedStrings, optional + script : str, required + """ + + name: str + env?: StepNamedStrings + script: str + + check: + regex.match(name, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + len(script) >= 1 + +schema JobRunItems1V0: + r""" + Run a referenced function. + + Attributes + ---------- + name : str, required + env : StepNamedStrings, optional + inputs : StepNamedValues, optional + step : str | StepGitReference | StepOciReference, optional + func : str | StepGitReference | StepOciReference, optional + """ + + name: str + env?: StepNamedStrings + inputs?: StepNamedValues + step?: str | StepGitReference | StepOciReference + func?: str | StepGitReference | StepOciReference + + check: + (step and not func) or (func and not step) + regex.match(name, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + +schema JobRunItems1V0FuncV1Git: + r""" + JobRunItems1V0FuncV1Git + + Attributes + ---------- + url : str, required + dir : str, optional + rev : str, required + file : str, optional + """ + + url: str + dir?: str + rev: str + file?: str + +schema JobRunItems1V0FuncV2Oci: + r""" + JobRunItems1V0FuncV2Oci + + Attributes + ---------- + registry : str, required + The [:] of the container registry server. + repository : str, required + A path within the registry containing related OCI images. Typically the namespace, project, and image name. + tag : str, required + A pointer to the image manifest hosted in the OCI repository. + dir : str, optional + A directory inside the OCI image where the function can be found. + file : str, optional + The name of the file that defines the function, defaults to func.yml. + """ + + registry: str + repository: str + tag: str + dir?: str + file?: str + +schema JobRunItems1V0StepV1Git: + r""" + JobRunItems1V0StepV1Git + + Attributes + ---------- + url : str, required + dir : str, optional + rev : str, required + file : str, optional + """ + + url: str + dir?: str + rev: str + file?: str + +schema JobRunItems1V0StepV2Oci: + r""" + JobRunItems1V0StepV2Oci + + Attributes + ---------- + registry : str, required + The [:] of the container registry server. + repository : str, required + A path within the registry containing related OCI images. Typically the namespace, project, and image name. + tag : str, required + A pointer to the image manifest hosted in the OCI repository. + dir : str, optional + A directory inside the OCI image where the function can be found. + file : str, optional + The name of the file that defines the function, defaults to func.yml. + """ + + registry: str + repository: str + tag: str + dir?: str + file?: str + +schema JobRunItems1V1: + r""" + Run a script. + + Attributes + ---------- + name : str, required + env : StepNamedStrings, optional + script : str, required + """ + + name: str + env?: StepNamedStrings + script: str + + check: + regex.match(name, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + len(script) >= 1 + +schema JobSecrets: + r""" + JobSecrets + + Attributes + ---------- + vault : str | JobSecretsVaultV1, optional + gcp_secret_manager : JobSecretsGcpSecretManager, optional + azure_key_vault : JobSecretsAzureKeyVault, optional + aws_secrets_manager : str | JobSecretsAwsSecretsManagerV1, optional + gitlab_secrets_manager : JobSecretsGitlabSecretsManager, optional + file : bool, optional, default is True + token : str, optional + Specifies the JWT variable that should be used to authenticate with the secret provider. + """ + + vault?: any + gcp_secret_manager?: JobSecretsGcpSecretManager + azure_key_vault?: JobSecretsAzureKeyVault + aws_secrets_manager?: str | JobSecretsAwsSecretsManagerV1 + gitlab_secrets_manager?: JobSecretsGitlabSecretsManager + file?: bool + token?: str + +schema JobSecretsAwsSecretsManagerV1: + r""" + JobSecretsAwsSecretsManagerV1 + + Attributes + ---------- + secret_id : str, required + The ARN or name of the secret to retrieve. To retrieve a secret from another account, you must use an ARN. + version_id : str, optional + The unique identifier of the version of the secret to retrieve. If you include both this parameter and VersionStage, the two parameters must refer to the same secret version. If you don't specify either a VersionStage or VersionId, Secrets Manager returns the AWSCURRENT version. + version_stage : str, optional + The staging label of the version of the secret to retrieve. If you include both this parameter and VersionStage, the two parameters must refer to the same secret version. If you don't specify either a VersionStage or VersionId, Secrets Manager returns the AWSCURRENT version. + region : str, optional + The AWS region where the secret is stored. Use this to override the region for a specific secret. Defaults to AWS_REGION variable. + role_arn : str, optional + The ARN of the IAM role to assume before retrieving the secret. Use this to override the ARN. Defaults to AWS_ROLE_ARN variable. + role_session_name : str, optional + The name of the session to use when assuming the role. Use this to override the session name. Defaults to AWS_ROLE_SESSION_NAME variable. + field : str, optional + The name of the field to retrieve from the secret. If not specified, the entire secret is retrieved. + """ + + secret_id: str + version_id?: str + version_stage?: str + region?: str + role_arn?: str + role_session_name?: str + field?: str + +schema JobSecretsAzureKeyVault: + r""" + JobSecretsAzureKeyVault + + Attributes + ---------- + name : str, required + version : str, optional + """ + + name: str + version?: str + +schema JobSecretsGcpSecretManager: + r""" + JobSecretsGcpSecretManager + + Attributes + ---------- + name : str, required + version : str | int, optional, default is "version" + """ + + name: str + version?: str | int + +schema JobSecretsGitlabSecretsManager: + r""" + JobSecretsGitlabSecretsManager + + Attributes + ---------- + name : str, required + Name of the secret. Only letters, digits, and underscores are allowed. + source : str, optional + Source of the secret. Defaults to the current project if not given. For fetching a secret from a group, provide group/ + """ + + name: str + source?: str + + check: + regex.match(name, r"^[a-zA-Z0-9_]+$") + +schema JobSecretsVaultV1: + r""" + JobSecretsVaultV1 + + Attributes + ---------- + engine : JobSecretsVaultV1Engine, required + path : str, required + field : str, required + """ + + engine: JobSecretsVaultV1Engine + path: str + field: str + +schema JobSecretsVaultV1Engine: + r""" + JobSecretsVaultV1Engine + + Attributes + ---------- + name : str, required + path : str, required + """ + + name: str + path: str + +schema JobServicesItemV1: + r""" + JobServicesItemV1 + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : [str], optional + docker : JobServicesItemV1Docker, optional + kubernetes : JobServicesItemV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + command : str | [any], optional + alias : str, optional + variables : JobVariables, optional + """ + + name: str + entrypoint?: [str] + docker?: JobServicesItemV1Docker + kubernetes?: JobServicesItemV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + command?: str | [any] + alias?: str + variables?: JobVariables + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + len(alias) >= 1 if alias + +schema JobServicesItemV1Docker: + r""" + JobServicesItemV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema JobServicesItemV1Kubernetes: + r""" + JobServicesItemV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema JobServicesItemV1VariablesV1: + r""" + JobServicesItemV1VariablesV1 + + Attributes + ---------- + value : str, optional + expand : bool, optional + """ + + value?: str + expand?: bool + +schema JobServicesItems1V1: + r""" + JobServicesItems1V1 + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : [str], optional + docker : JobServicesItems1V1Docker, optional + kubernetes : JobServicesItems1V1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + command : str | [any], optional + alias : str, optional + variables : JobVariables, optional + """ + + name: str + entrypoint?: [str] + docker?: JobServicesItems1V1Docker + kubernetes?: JobServicesItems1V1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + command?: str | [any] + alias?: str + variables?: JobVariables + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + len(alias) >= 1 if alias + +schema JobServicesItems1V1Docker: + r""" + JobServicesItems1V1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema JobServicesItems1V1Kubernetes: + r""" + JobServicesItems1V1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema JobServicesItems1V1VariablesV1: + r""" + JobServicesItems1V1VariablesV1 + + Attributes + ---------- + value : str, optional + expand : bool, optional + """ + + value?: str + expand?: bool + +schema JobTriggerV0: + r""" + JobTriggerV0 + + Attributes + ---------- + project : str, required + Path to the project, e.g. `group/project`, or `group/sub-group/project`. + branch : str, optional + The branch name that a downstream pipeline will use + strategy : "depend" | "mirror", optional + You can mirror or depend on the pipeline status from the triggered pipeline to the source bridge job by using strategy: `depend` or `mirror` + inputs : Inputs, optional + forward : JobTriggerV0Forward, optional + Specify what to forward to the downstream pipeline. + """ + + project: str + branch?: str + strategy?: "depend" | "mirror" + inputs?: Inputs + forward?: JobTriggerV0Forward + + check: + regex.match(project, r"(?:\S/\S|\$\S+)") + +schema JobTriggerV0Forward: + r""" + Specify what to forward to the downstream pipeline. + + Attributes + ---------- + yaml_variables : bool, optional, default is True + Variables defined in the trigger job are passed to downstream pipelines. + pipeline_variables : bool, optional, default is False + Variables added for manual pipeline runs and scheduled pipelines are passed to downstream pipelines. + """ + + yaml_variables?: bool + pipeline_variables?: bool + +schema JobTriggerV0InputsV3ItemV3: + r""" + JobTriggerV0InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV0InputsV4: + r""" + JobTriggerV0InputsV4 + """ + + [...str]: any + +schema JobTriggerV1: + r""" + Trigger a child pipeline. [Learn More](https://docs.gitlab.com/ci/pipelines/downstream_pipelines/#parent-child-pipelines). + + Attributes + ---------- + include : str | [JobTriggerV1IncludeV1ItemV0 | JobTriggerV1IncludeV1ItemV1 | JobTriggerV1IncludeV1ItemV2 | JobTriggerV1IncludeV1ItemV3 | JobTriggerV1IncludeV1ItemV4 | JobTriggerV1IncludeV1ItemV5], optional + strategy : "depend" | "mirror", optional + You can mirror or depend on the pipeline status from the triggered pipeline to the source bridge job by using strategy: `depend` or `mirror` + forward : JobTriggerV1Forward, optional + Specify what to forward to the downstream pipeline. + """ + + include?: str | [JobTriggerV1IncludeV1ItemV0 | JobTriggerV1IncludeV1ItemV1 | JobTriggerV1IncludeV1ItemV2 | JobTriggerV1IncludeV1ItemV3 | JobTriggerV1IncludeV1ItemV4 | JobTriggerV1IncludeV1ItemV5] + strategy?: "depend" | "mirror" + forward?: JobTriggerV1Forward + +schema JobTriggerV1Forward: + r""" + Specify what to forward to the downstream pipeline. + + Attributes + ---------- + yaml_variables : bool, optional, default is True + Variables defined in the trigger job are passed to downstream pipelines. + pipeline_variables : bool, optional, default is False + Variables added for manual pipeline runs and scheduled pipelines are passed to downstream pipelines. + """ + + yaml_variables?: bool + pipeline_variables?: bool + +schema JobTriggerV1IncludeV1ItemV0: + r""" + JobTriggerV1IncludeV1ItemV0 + + Attributes + ---------- + local : str, required + Relative path from local repository root (`/`) to the local YAML file to define the pipeline configuration. + inputs : Inputs, optional + """ + + local: str + inputs?: Inputs + + check: + regex.match(local, r"\.ya?ml$") + +schema JobTriggerV1IncludeV1ItemV0InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV0InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV0InputsV4: + r""" + JobTriggerV1IncludeV1ItemV0InputsV4 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV1: + r""" + JobTriggerV1IncludeV1ItemV1 + + Attributes + ---------- + template : str, required + Name of the template YAML file to use in the pipeline configuration. + inputs : Inputs, optional + """ + + template: str + inputs?: Inputs + + check: + regex.match(template, r"\.ya?ml$") + +schema JobTriggerV1IncludeV1ItemV1InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV1InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV1InputsV4: + r""" + JobTriggerV1IncludeV1ItemV1InputsV4 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV2: + r""" + JobTriggerV1IncludeV1ItemV2 + + Attributes + ---------- + artifact : str, required + Relative path to the generated YAML file which is extracted from the artifacts and used as the configuration for triggering the child pipeline. + job : str, required + Job name which generates the artifact + inputs : Inputs, optional + """ + + artifact: str + job: str + inputs?: Inputs + + check: + regex.match(artifact, r"\.ya?ml$") + +schema JobTriggerV1IncludeV1ItemV2InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV2InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV2InputsV4: + r""" + JobTriggerV1IncludeV1ItemV2InputsV4 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV3: + r""" + JobTriggerV1IncludeV1ItemV3 + + Attributes + ---------- + project : str, required + Path to another private project under the same GitLab instance, like `group/project` or `group/sub-group/project`. + ref : str, optional + Branch/Tag/Commit hash for the target project. + file : str, required + Relative path from repository root (`/`) to the pipeline configuration YAML file. + inputs : Inputs, optional + """ + + project: str + ref?: str + file: str + inputs?: Inputs + + check: + regex.match(project, r"(?:\S/\S|\$\S+)") + len(ref) >= 1 if ref + regex.match(file, r"\.ya?ml$") + +schema JobTriggerV1IncludeV1ItemV3InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV3InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV3InputsV4: + r""" + JobTriggerV1IncludeV1ItemV3InputsV4 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV4: + r""" + JobTriggerV1IncludeV1ItemV4 + + Attributes + ---------- + component : str, required + Local path to component directory or full path to external component directory. + inputs : Inputs, optional + """ + + component: str + inputs?: Inputs + +schema JobTriggerV1IncludeV1ItemV4InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV4InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV4InputsV4: + r""" + JobTriggerV1IncludeV1ItemV4InputsV4 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV5: + r""" + JobTriggerV1IncludeV1ItemV5 + + Attributes + ---------- + remote : str, required + URL to a `yaml`/`yml` template file using HTTP/HTTPS. + inputs : Inputs, optional + """ + + remote: str + inputs?: Inputs + + check: + regex.match(remote, r"^https?://.+\.ya?ml$") + +schema JobTriggerV1IncludeV1ItemV5InputsV3ItemV3: + r""" + JobTriggerV1IncludeV1ItemV5InputsV3ItemV3 + """ + + [...str]: any + +schema JobTriggerV1IncludeV1ItemV5InputsV4: + r""" + JobTriggerV1IncludeV1ItemV5InputsV4 + """ + + [...str]: any + +schema JobVariablesV1: + r""" + JobVariablesV1 + + Attributes + ---------- + value : str, optional + expand : bool, optional + """ + + value?: str + expand?: bool + +schema PipelineCacheV0KeyV1: + r""" + PipelineCacheV0KeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema PipelineCacheV1ItemKeyV1: + r""" + PipelineCacheV1ItemKeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema PipelineDefault: + r""" + PipelineDefault + + Attributes + ---------- + after_script : str | [any], optional + artifacts : any | Artifacts, optional + before_script : str | [any], optional + hooks : Hooks, optional + cache : CacheItem | [CacheItem], optional + image : str | PipelineDefaultImageV1, optional + interruptible : bool, optional, default is False + id_tokens : IdTokens, optional + identity : "google_cloud", optional + retry : int | PipelineDefaultRetryV1, optional + services : [str | PipelineDefaultServicesItemV1], optional + tags : [any], optional + timeout : str, optional + "!reference" : [str], optional + """ + + after_script?: str | [any] + artifacts?: any | Artifacts + before_script?: str | [any] + hooks?: Hooks + cache?: CacheItem | [CacheItem] + image?: str | PipelineDefaultImageV1 + interruptible?: bool + id_tokens?: IdTokens + identity?: "google_cloud" + retry?: int | PipelineDefaultRetryV1 + services?: [str | PipelineDefaultServicesItemV1] + tags?: [any] + timeout?: str + "!reference"?: [str] + + check: + len(tags) >= 1 if tags + len(timeout) >= 1 if timeout + +schema PipelineDefaultArtifactsReports: + r""" + PipelineDefaultArtifactsReports + + Attributes + ---------- + accessibility : str, optional + Path to JSON file with accessibility report. + annotations : str, optional + Path to JSON file with annotations report. + junit : str | [str], optional + Path for file(s) that should be parsed as JUnit XML result + browser_performance : str, optional + Path to a single file with browser performance metric report(s). + coverage_report : any | PipelineDefaultArtifactsReportsCoverageReport, optional + Used to collect coverage reports from the job. + codequality : str | [str], optional + Path to file or list of files with code quality report(s) (such as Code Climate). + dotenv : str | [str], optional + Path to file or list of files containing runtime-created variables for this job. + lsif : str | [str], optional + Path to file or list of files containing code intelligence (Language Server Index Format). + sast : str | [str], optional + Path to file or list of files with SAST vulnerabilities report(s). + dependency_scanning : str | [str], optional + Path to file or list of files with Dependency scanning vulnerabilities report(s). + container_scanning : str | [str], optional + Path to file or list of files with Container scanning vulnerabilities report(s). + dast : str | [str], optional + Path to file or list of files with DAST vulnerabilities report(s). + license_management : str | [str], optional + Deprecated in 12.8: Path to file or list of files with license report(s). + license_scanning : str | [str], optional + Path to file or list of files with license report(s). + requirements : str | [str], optional + Path to file or list of files with requirements report(s). + secret_detection : str | [str], optional + Path to file or list of files with secret detection report(s). + metrics : str | [str], optional + Path to file or list of files with custom metrics report(s). + terraform : str | [str], optional + Path to file or list of files with terraform plan(s). + cyclonedx : str | [str], optional + sarif : str | [str], optional + load_performance : str | [str], optional + repository_xray : str | [str], optional + Path to file or list of files with Repository X-Ray report(s). + """ + + accessibility?: str + annotations?: str + junit?: str | [str] + browser_performance?: str + coverage_report?: any | PipelineDefaultArtifactsReportsCoverageReport + codequality?: str | [str] + dotenv?: str | [str] + lsif?: str | [str] + sast?: str | [str] + dependency_scanning?: str | [str] + container_scanning?: str | [str] + dast?: str | [str] + license_management?: str | [str] + license_scanning?: str | [str] + requirements?: str | [str] + secret_detection?: str | [str] + metrics?: str | [str] + terraform?: str | [str] + cyclonedx?: str | [str] + sarif?: str | [str] + load_performance?: str | [str] + repository_xray?: str | [str] + +schema PipelineDefaultArtifactsReportsCoverageReport: + r""" + Used to collect coverage reports from the job. + + Attributes + ---------- + coverage_format : "cobertura" | "jacoco", optional + Code coverage format used by the test framework. + path : str, optional + Path to the coverage report file that should be parsed. + """ + + coverage_format?: "cobertura" | "jacoco" + path?: str + + check: + len(path) >= 1 if path + +schema PipelineDefaultCacheV0KeyV1: + r""" + PipelineDefaultCacheV0KeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema PipelineDefaultCacheV1ItemKeyV1: + r""" + PipelineDefaultCacheV1ItemKeyV1 + + Attributes + ---------- + files : [str], optional + files_commits : [str], optional + prefix : str, optional + """ + + files?: [str] + files_commits?: [str] + prefix?: str + + check: + len(files) <= 2 if files + len(files) >= 1 if files + len(files_commits) <= 2 if files_commits + len(files_commits) >= 1 if files_commits + +schema PipelineDefaultIdTokens: + r""" + PipelineDefaultIdTokens + + Attributes + ---------- + aud : str | [str], required + """ + + aud: str | [str] + +schema PipelineDefaultImageV1: + r""" + Specifies the docker image to use for the job or globally for all jobs. Job configuration takes precedence over global setting. Requires a certain kind of GitLab runner executor. + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : any, optional + Command or script that should be executed as the container's entrypoint. It will be translated to Docker's --entrypoint option while creating the container. The syntax is similar to Dockerfile's ENTRYPOINT directive, where each shell token is a separate string in the array. + docker : PipelineDefaultImageV1Docker, optional + kubernetes : PipelineDefaultImageV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + """ + + name: str + entrypoint?: any + docker?: PipelineDefaultImageV1Docker + kubernetes?: PipelineDefaultImageV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + +schema PipelineDefaultImageV1Docker: + r""" + PipelineDefaultImageV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema PipelineDefaultImageV1Kubernetes: + r""" + PipelineDefaultImageV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema PipelineDefaultRetryV1: + r""" + PipelineDefaultRetryV1 + + Attributes + ---------- + max : int, optional, default is 0 + The number of times the job will be retried if it fails. Defaults to 0 and can max be retried 2 times (3 times total). + when : "always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure" | ["always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure"], optional + exit_codes : [int] | int, optional + """ + + max?: int + when?: "always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure" | ["always" | "unknown_failure" | "script_failure" | "api_failure" | "stuck_or_timeout_failure" | "runner_system_failure" | "runner_unsupported" | "stale_schedule" | "job_execution_timeout" | "archived_failure" | "unmet_prerequisites" | "scheduler_failure" | "data_integrity_failure"] + exit_codes?: [int] | int + + check: + max <= 2 if max + max >= 0 if max + +schema PipelineDefaultServicesItemV1: + r""" + PipelineDefaultServicesItemV1 + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : [str], optional + docker : PipelineDefaultServicesItemV1Docker, optional + kubernetes : PipelineDefaultServicesItemV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + command : str | [any], optional + alias : str, optional + variables : JobVariables, optional + """ + + name: str + entrypoint?: [str] + docker?: PipelineDefaultServicesItemV1Docker + kubernetes?: PipelineDefaultServicesItemV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + command?: str | [any] + alias?: str + variables?: JobVariables + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + len(alias) >= 1 if alias + +schema PipelineDefaultServicesItemV1Docker: + r""" + PipelineDefaultServicesItemV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema PipelineDefaultServicesItemV1Kubernetes: + r""" + PipelineDefaultServicesItemV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema PipelineDefaultServicesItemV1VariablesV1: + r""" + PipelineDefaultServicesItemV1VariablesV1 + + Attributes + ---------- + value : str, optional + expand : bool, optional + """ + + value?: str + expand?: bool + +schema PipelineImageV1: + r""" + Specifies the docker image to use for the job or globally for all jobs. Job configuration takes precedence over global setting. Requires a certain kind of GitLab runner executor. + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : any, optional + Command or script that should be executed as the container's entrypoint. It will be translated to Docker's --entrypoint option while creating the container. The syntax is similar to Dockerfile's ENTRYPOINT directive, where each shell token is a separate string in the array. + docker : PipelineImageV1Docker, optional + kubernetes : PipelineImageV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + """ + + name: str + entrypoint?: any + docker?: PipelineImageV1Docker + kubernetes?: PipelineImageV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + +schema PipelineImageV1Docker: + r""" + PipelineImageV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema PipelineImageV1Kubernetes: + r""" + PipelineImageV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema IncludeV0V1: + r""" + IncludeV0V1 + + Attributes + ---------- + local : str, required + Relative path from local repository root (`/`) to the `yaml`/`yml` file template. The file must be on the same branch, and does not work across git submodules. + rules : [any] | any, optional + inputs : Inputs, optional + """ + + local: str + rules?: [any] | any + inputs?: Inputs + + check: + regex.match(local, r"\\.ya?ml$") if local + regex.match(local, r"\.ya?ml$") + +schema IncludeV0V1InputsV3ItemV3: + r""" + IncludeV0V1InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV0V1InputsV4: + r""" + IncludeV0V1InputsV4 + """ + + [...str]: any + +schema IncludeV0V2: + r""" + IncludeV0V2 + + Attributes + ---------- + project : str, required + Path to the project, e.g. `group/project`, or `group/sub-group/project` [Learn more](https://docs.gitlab.com/ci/yaml/#includeproject). + ref : str, optional + Branch/Tag/Commit-hash for the target project. + file : str | [str], required + rules : [any] | any, optional + inputs : Inputs, optional + """ + + project: str + ref?: str + file: str | [str] + rules?: [any] | any + inputs?: Inputs + + check: + regex.match(project, r"(?:\\S/\\S|\\$\\S+)") if project + regex.match(project, r"(?:\S/\S|\$\S+)") + +schema IncludeV0V2InputsV3ItemV3: + r""" + IncludeV0V2InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV0V2InputsV4: + r""" + IncludeV0V2InputsV4 + """ + + [...str]: any + +schema IncludeV0V3: + r""" + IncludeV0V3 + + Attributes + ---------- + template : str, required + Use a `.gitlab-ci.yml` template as a base, e.g. `Nodejs.gitlab-ci.yml`. + rules : [any] | any, optional + inputs : Inputs, optional + """ + + template: str + rules?: [any] | any + inputs?: Inputs + + check: + regex.match(template, r"\\.ya?ml$") if template + regex.match(template, r"\.ya?ml$") + +schema IncludeV0V3InputsV3ItemV3: + r""" + IncludeV0V3InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV0V3InputsV4: + r""" + IncludeV0V3InputsV4 + """ + + [...str]: any + +schema IncludeV0V4: + r""" + IncludeV0V4 + + Attributes + ---------- + component : str, required + Local path to component directory or full path to external component directory. + rules : [any] | any, optional + inputs : Inputs, optional + """ + + component: str + rules?: [any] | any + inputs?: Inputs + +schema IncludeV0V4InputsV3ItemV3: + r""" + IncludeV0V4InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV0V4InputsV4: + r""" + IncludeV0V4InputsV4 + """ + + [...str]: any + +schema IncludeV0V5: + r""" + IncludeV0V5 + + Attributes + ---------- + remote : str, required + URL to a `yaml`/`yml` template file using HTTP/HTTPS. + integrity : str, optional + SHA256 integrity hash of the remote file content. + rules : [any] | any, optional + inputs : Inputs, optional + """ + + remote: str + integrity?: str + rules?: [any] | any + inputs?: Inputs + + check: + regex.match(remote, r"^https?://.+\\.ya?ml$") if remote + regex.match(remote, r"^https?://.+\.ya?ml$") + regex.match(integrity, r"^sha256-[A-Za-z0-9+/]{43}=$") if integrity + +schema IncludeV0V5InputsV3ItemV3: + r""" + IncludeV0V5InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV0V5InputsV4: + r""" + IncludeV0V5InputsV4 + """ + + [...str]: any + +schema IncludeV1ItemV1: + r""" + IncludeV1ItemV1 + + Attributes + ---------- + local : str, required + Relative path from local repository root (`/`) to the `yaml`/`yml` file template. The file must be on the same branch, and does not work across git submodules. + rules : [any] | any | any, optional + inputs : Inputs, optional + """ + + local: str + rules?: [any] | any | any + inputs?: Inputs + + check: + regex.match(local, r"\.ya?ml$") + +schema IncludeV1ItemV1InputsV3ItemV3: + r""" + IncludeV1ItemV1InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV1ItemV1InputsV4: + r""" + IncludeV1ItemV1InputsV4 + """ + + [...str]: any + +schema IncludeV1ItemV2: + r""" + IncludeV1ItemV2 + + Attributes + ---------- + project : str, required + Path to the project, e.g. `group/project`, or `group/sub-group/project` [Learn more](https://docs.gitlab.com/ci/yaml/#includeproject). + ref : str, optional + Branch/Tag/Commit-hash for the target project. + file : str | [str], required + rules : [any] | any | any, optional + inputs : Inputs, optional + """ + + project: str + ref?: str + file: str | [str] + rules?: [any] | any | any + inputs?: Inputs + + check: + regex.match(project, r"(?:\S/\S|\$\S+)") + +schema IncludeV1ItemV2InputsV3ItemV3: + r""" + IncludeV1ItemV2InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV1ItemV2InputsV4: + r""" + IncludeV1ItemV2InputsV4 + """ + + [...str]: any + +schema IncludeV1ItemV3: + r""" + IncludeV1ItemV3 + + Attributes + ---------- + template : str, required + Use a `.gitlab-ci.yml` template as a base, e.g. `Nodejs.gitlab-ci.yml`. + rules : [any] | any | any, optional + inputs : Inputs, optional + """ + + template: str + rules?: [any] | any | any + inputs?: Inputs + + check: + regex.match(template, r"\.ya?ml$") + +schema IncludeV1ItemV3InputsV3ItemV3: + r""" + IncludeV1ItemV3InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV1ItemV3InputsV4: + r""" + IncludeV1ItemV3InputsV4 + """ + + [...str]: any + +schema IncludeV1ItemV4: + r""" + IncludeV1ItemV4 + + Attributes + ---------- + component : str, required + Local path to component directory or full path to external component directory. + rules : [any] | any | any, optional + inputs : Inputs, optional + """ + + component: str + rules?: [any] | any | any + inputs?: Inputs + +schema IncludeV1ItemV4InputsV3ItemV3: + r""" + IncludeV1ItemV4InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV1ItemV4InputsV4: + r""" + IncludeV1ItemV4InputsV4 + """ + + [...str]: any + +schema IncludeV1ItemV5: + r""" + IncludeV1ItemV5 + + Attributes + ---------- + remote : str, required + URL to a `yaml`/`yml` template file using HTTP/HTTPS. + integrity : str, optional + SHA256 integrity hash of the remote file content. + rules : [any] | any | any, optional + inputs : Inputs, optional + """ + + remote: str + integrity?: str + rules?: [any] | any | any + inputs?: Inputs + + check: + regex.match(remote, r"^https?://.+\.ya?ml$") + regex.match(integrity, r"^sha256-[A-Za-z0-9+/]{43}=$") if integrity + +schema IncludeV1ItemV5InputsV3ItemV3: + r""" + IncludeV1ItemV5InputsV3ItemV3 + """ + + [...str]: any + +schema IncludeV1ItemV5InputsV4: + r""" + IncludeV1ItemV5InputsV4 + """ + + [...str]: any + +schema PipelineServicesItemV1: + r""" + PipelineServicesItemV1 + + Attributes + ---------- + name : str, required + Full name of the image that should be used. It should contain the Registry part if needed. + entrypoint : [str], optional + docker : PipelineServicesItemV1Docker, optional + kubernetes : PipelineServicesItemV1Kubernetes, optional + pull_policy : "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"], optional, default is "always" + command : str | [any], optional + alias : str, optional + variables : JobVariables, optional + """ + + name: str + entrypoint?: [str] + docker?: PipelineServicesItemV1Docker + kubernetes?: PipelineServicesItemV1Kubernetes + pull_policy?: "always" | "never" | "if-not-present" | ["always" | "never" | "if-not-present"] + command?: str | [any] + alias?: str + variables?: JobVariables + + check: + len(name) >= 1 + len(entrypoint) >= 1 if entrypoint + len(alias) >= 1 if alias + +schema PipelineServicesItemV1Docker: + r""" + PipelineServicesItemV1Docker + + Attributes + ---------- + platform : str, optional + Image architecture to pull. + user : str, optional + Username or UID to use for the container. + """ + + platform?: str + user?: str + + check: + len(platform) >= 1 if platform + +schema PipelineServicesItemV1Kubernetes: + r""" + PipelineServicesItemV1Kubernetes + + Attributes + ---------- + user : str | int, optional + Username or UID to use for the container. It also supports the UID:GID format. + """ + + user?: str | int + +schema PipelineServicesItemV1VariablesV1: + r""" + PipelineServicesItemV1VariablesV1 + + Attributes + ---------- + value : str, optional + expand : bool, optional + """ + + value?: str + expand?: bool + +schema Spec: + r""" + Spec + + Attributes + ---------- + inputs : ConfigInputs, optional + """ + + inputs?: ConfigInputs + +schema SpecInputsV0RulesItem: + r""" + SpecInputsV0RulesItem + """ + + [...str]: any + +schema PipelineVariablesV1: + r""" + PipelineVariablesV1 + + Attributes + ---------- + value : str, optional + options : [str], optional + description : str, optional + expand : bool, optional + """ + + value?: str + options?: [str] + description?: str + expand?: bool + + check: + len(options) >= 1 if options + isunique(options) if options + +schema PipelineWorkflow: + r""" + PipelineWorkflow + + Attributes + ---------- + name : str, optional + auto_cancel : WorkflowAutoCancel, optional + Define the rules for when pipeline should be automatically cancelled. + rules : [PipelineWorkflowRulesItem], optional + """ + + name?: str + auto_cancel?: WorkflowAutoCancel + rules?: [PipelineWorkflowRulesItem] + + check: + len(name) <= 255 if name + len(name) >= 1 if name + +schema PipelineWorkflowRulesItem: + r""" + PipelineWorkflowRulesItem + + Attributes + ---------- + $if : str, optional + changes : any, optional + exists : any, optional + variables : RulesVariables, optional + when : "always" | "never", optional + auto_cancel : WorkflowAutoCancel, optional + Define the rules for when pipeline should be automatically cancelled. + """ + + $if?: str + changes?: any + exists?: any + variables?: RulesVariables + when?: "always" | "never" + auto_cancel?: WorkflowAutoCancel + +schema GlobalVariables: + r""" + GlobalVariables + """ + + [key: str]: bool | float | str | PipelineVariablesV1 + + check: + regex.match(key, r".*") + +schema Hooks: + r""" + Hooks + + Attributes + ---------- + pre_get_sources_script : str | [any], optional + """ + + pre_get_sources_script?: str | [any] + +schema IdTokens: + r""" + IdTokens + """ + + [key: str]: JobIdTokens + + check: + regex.match(key, r".*") + +schema Inputs: + r""" + Inputs + """ + + [key: str]: str | float | bool | [str | float | bool | JobTriggerV1IncludeV1ItemV5InputsV3ItemV3 | [any]] | JobTriggerV1IncludeV1ItemV5InputsV4 + + check: + regex.match(key, r"^[a-zA-Z0-9_-]+$") + +schema Job: + r""" + Job + + Attributes + ---------- + image : str | JobImageV1, optional + services : [str | JobServicesItemV1 | str | JobServicesItems1V1], optional + before_script : str | [any], optional + after_script : str | [any], optional + hooks : Hooks, optional + rules : [any] | any | any, optional + variables : JobVariables, optional + cache : CacheItem | [CacheItem], optional + id_tokens : IdTokens, optional + identity : "google_cloud", optional + inputs : JobInputs, optional + secrets : Secrets, optional + script : str | [any], optional + run : [JobRunItemV0 | JobRunItemV1 | JobRunItems1V0 | JobRunItems1V1], optional + stage : any, optional + Define what stage the job will run in. + only : [any | any | any] | JobOnlyV2, optional + Job will run *only* when these filtering options match. + extends : str | [str], optional + The name of one or more jobs to inherit configuration from. + needs : [str | JobNeedsItemV1 | JobNeedsItemV2 | JobNeedsItemV3 | [str | str]], optional + The list of jobs in previous stages whose sole completion is needed to start the current job. + except : [any | any | any | any] | JobExceptV2, optional + Job will run *except* for when these filtering options match. + tags : [any | any], optional + allow_failure : bool | JobAllowFailureV1 | JobAllowFailureV2, optional + timeout : str, optional + when : "on_success" | "on_failure" | "always" | "never" | "manual" | "delayed", optional, default is "on_success" + start_in : str, optional + manual_confirmation : str, optional + dependencies : [str], optional + Specify a list of job names from earlier stages from which artifacts should be loaded. By default, all previous artifacts are passed. Use an empty array to skip downloading artifacts. + artifacts : any | Artifacts, optional + environment : str | JobEnvironmentV1, optional + Used to associate environment metadata with a deploy. Environment can have a name and URL attached to it, and will be displayed under /environments under the project. + release : JobRelease, optional + Indicates that the job creates a Release. + coverage : str, optional + Must be a regular expression, optionally but recommended to be quoted, and must be surrounded with '/'. Example: '/Code coverage: \d+\.\d+/' + retry : int | JobRetryV1, optional + parallel : int | JobParallelV1, optional + Splits up a single job into multiple that run in parallel. Provides `CI_NODE_INDEX` and `CI_NODE_TOTAL` environment variables to the jobs. + interruptible : bool, optional, default is False + resource_group : str, optional + Limit job concurrency. Can be used to ensure that the Runner will not run certain jobs simultaneously. + trigger : JobTriggerV0 | JobTriggerV1 | str, optional + inherit : JobInherit, optional + publish : str, optional + Deprecated. Use `pages.publish` instead. A path to a directory that contains the files to be published with Pages. + pages : JobPagesV0 | bool, optional + """ + + image?: str | JobImageV1 + services?: [str | JobServicesItemV1 | str | JobServicesItems1V1] + before_script?: str | [any] + after_script?: str | [any] + hooks?: Hooks + rules?: [any] | any | any + variables?: JobVariables + cache?: CacheItem | [CacheItem] + id_tokens?: IdTokens + identity?: "google_cloud" + inputs?: JobInputs + secrets?: Secrets + script?: str | [any] + run?: [JobRunItemV0 | JobRunItemV1 | JobRunItems1V0 | JobRunItems1V1] + stage?: any + only?: [any | any | any] | JobOnlyV2 + extends?: str | [str] + needs?: [str | JobNeedsItemV1 | JobNeedsItemV2 | JobNeedsItemV3 | [str | str]] + except?: [any | any | any | any] | JobExceptV2 + tags?: [any | any] + allow_failure?: bool | JobAllowFailureV1 | JobAllowFailureV2 + timeout?: str + when?: "on_success" | "on_failure" | "always" | "never" | "manual" | "delayed" + start_in?: str + manual_confirmation?: str + dependencies?: [str] + artifacts?: any | Artifacts + environment?: str | JobEnvironmentV1 + release?: JobRelease + coverage?: str + retry?: int | JobRetryV1 + parallel?: int | JobParallelV1 + interruptible?: bool + resource_group?: str + trigger?: JobTriggerV0 | JobTriggerV1 | str + inherit?: JobInherit + publish?: str + pages?: JobPagesV0 | bool + + check: + start_in if when == "delayed" + len(tags) >= 1 if tags + len(timeout) >= 1 if timeout + len(start_in) >= 1 if start_in + regex.match(coverage, r"^/.+/$") if coverage + +schema JobInputs: + r""" + JobInputs + """ + + [key: str]: JobInput + + check: + regex.match(key, r".*") + +schema JobVariables: + r""" + JobVariables + """ + + [key: str]: bool | float | str | JobVariablesV1 + + check: + regex.match(key, r".*") + +schema RulesVariables: + r""" + RulesVariables + """ + + [key: str]: bool | float | str + + check: + regex.match(key, r".*") + +schema Secrets: + r""" + Secrets + """ + + [key: str]: JobSecrets + + check: + regex.match(key, r".*") + +schema StepGitReference: + r""" + GitReference is a reference to a function in a Git repository. + + Attributes + ---------- + git : JobRunItems1V0FuncV1Git, required + """ + + git: JobRunItems1V0FuncV1Git + +schema StepNamedStrings: + r""" + StepNamedStrings + """ + + [key: str]: str + + check: + regex.match(key, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + +schema StepNamedValues: + r""" + StepNamedValues + """ + + [key: str]: str | float | bool | [any] | any + + check: + regex.match(key, r"^[a-zA-Z_][a-zA-Z0-9_]*$") + +schema StepOciReference: + r""" + OCIReference is a reference to a function hosted in an OCI repository. + + Attributes + ---------- + oci : JobRunItems1V0FuncV2Oci, required + """ + + oci: JobRunItems1V0FuncV2Oci + +schema WorkflowAutoCancel: + r""" + Define the rules for when pipeline should be automatically cancelled. + + Attributes + ---------- + on_job_failure : "none" | "all", optional, default is "none" + on_new_commit : "conservative" | "interruptible" | "none", optional + """ + + on_job_failure?: "none" | "all" + on_new_commit?: "conservative" | "interruptible" | "none" +