Is there a way or setting in gitlab by which I can allow users to create tags from pre-approved branches??
In other words, if I try to create a new tag on Gitlab, I get specific list of Git revisions for 'create from' field.
Asked
Active
Viewed 1,891 times
1 Answers
2
No, this is not a feature that exists in GitLab.
And, as far as git is concerned, tags are not associated with branches at all, only commits. So when a tag is pushed, you can never be certain of any one specific branch having been used.
As described in a similar question:
You can find which branch a tag is part of.
The issue is: a tag can be referenced (part of the history of) multiple branch.
So, you can find which branch(es) a tag belongs to. The closest thing to this may be to have a job in tag pipelines to verify the tagged commit exists on one of the pre-approved branches. However, this won't affect any dropdowns in the GitLab UI. It also won't prevent the tag push to begin with unless you use a pre-receive hook (self-managed GitLab only).
You might choose to include a CI job like this:
check_tags:
stage: .pre
# only allow tag pipelines to succeed if the tagged commit is
# in an acceptable branch
rules:
- if: $CI_COMMIT_TAG
script:
- allowed_branches='(main|release\/*)'
# get all the branches for this tag
- branches="$(find-branches "${CI_COMMIT_TAG}")" # you implement this
- |
for branch in $branches; do
if [[ $branch =~ $allowed_branches ]]; then
exit 0 # branch is allowed, exit gracefully
fi
done
# tag does not exist in any allowed branch
exit 1
You might even make the job remove the tag from the repo, if you really wanted.
If you had the same logic in a pre-receive hook, it could prevent the tag from being created.
sytech
- 29,298
- 3
- 45
- 86