From 7e3fd4d707fbb9edc5978fe0650cd43d766e6740 Mon Sep 17 00:00:00 2001 From: "Misha M.-Kupriyanov" Date: Wed, 1 Apr 2026 12:47:42 +0200 Subject: [PATCH 1/5] IONOS(fix): trigger GitLab image pipeline on main branch Per HDNEXT-1373 and HDNEXT-1091, the hidrivenext-image pipeline must be triggered on the 'main' branch (same as ncw-server). Pass BUILD_TYPE variable instead to differentiate dev/stable builds. --- .github/workflows/hidrive-next-build.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/.github/workflows/hidrive-next-build.yml b/.github/workflows/hidrive-next-build.yml index 15bdb72925359..4c70b1afea586 100644 --- a/.github/workflows/hidrive-next-build.yml +++ b/.github/workflows/hidrive-next-build.yml @@ -291,12 +291,17 @@ jobs: # Enable command echo set -x - # The 'ionos-dev' branch will trigger remote "dev" branch workflow - GITLAB_BRANCH="dev" + # Branch to GitLab Trigger Mapping (see HDNEXT-1373): + # | ref_name | GITLAB_REF | BUILD_TYPE | + # |--------------|------------|------------| + # | ionos-dev | main | dev | + # | ionos-stable | main | stable | - # set ARTIFACTORY_STAGE_PREFIX=stable on ionos-stable branch + BUILD_TYPE="dev" + + # Override build type for stable branch if [ ${{ github.ref_name }} == "ionos-stable" ]; then - GITLAB_BRANCH="stable" + BUILD_TYPE="stable" fi # Call webhook @@ -307,11 +312,12 @@ jobs: --fail-with-body \ -o response.json \ --form token=${{ secrets.GITLAB_TOKEN }} \ - --form ref="${GITLAB_BRANCH}" \ + --form ref="main" \ --form "variables[GITHUB_SHA]=${{ github.sha }}" \ --form "variables[ARTIFACTORY_LAST_BUILD_PATH]=${{ needs.upload-to-artifactory.outputs.ARTIFACTORY_LAST_BUILD_PATH }}" \ --form "variables[NC_VERSION]=${{ needs.hidrive-next-build.outputs.NC_VERSION }}" \ --form "variables[BUILD_ID]=${{ github.run_id }}" \ + --form "variables[BUILD_TYPE]=${BUILD_TYPE}" \ "${{ secrets.GITLAB_TRIGGER_URL }}" || ( RETCODE="$?"; jq . response.json; exit "$RETCODE" ) # Disable command echo From 131bf7203531ece8c4c75fa3e3d908f429744ff4 Mon Sep 17 00:00:00 2001 From: "Misha M.-Kupriyanov" Date: Wed, 1 Apr 2026 12:52:03 +0200 Subject: [PATCH 2/5] IONOS(ci): pass SOURCE_BUILD_URL to GitLab trigger Adds traceability link back to the GitHub Actions run that triggered the GitLab image pipeline, matching ncw-server behaviour. --- .github/workflows/hidrive-next-build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/hidrive-next-build.yml b/.github/workflows/hidrive-next-build.yml index 4c70b1afea586..9bef39c8470c7 100644 --- a/.github/workflows/hidrive-next-build.yml +++ b/.github/workflows/hidrive-next-build.yml @@ -304,6 +304,10 @@ jobs: BUILD_TYPE="stable" fi + # Construct source build URL for traceability + SOURCE_BUILD_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + echo "Source Build URL: $SOURCE_BUILD_URL" + # Call webhook curl \ --silent \ @@ -318,6 +322,7 @@ jobs: --form "variables[NC_VERSION]=${{ needs.hidrive-next-build.outputs.NC_VERSION }}" \ --form "variables[BUILD_ID]=${{ github.run_id }}" \ --form "variables[BUILD_TYPE]=${BUILD_TYPE}" \ + --form "variables[SOURCE_BUILD_URL]=${SOURCE_BUILD_URL}" \ "${{ secrets.GITLAB_TRIGGER_URL }}" || ( RETCODE="$?"; jq . response.json; exit "$RETCODE" ) # Disable command echo From bdfc1813051b9517035434eb53883001b0fee446 Mon Sep 17 00:00:00 2001 From: "Misha M.-Kupriyanov" Date: Wed, 1 Apr 2026 12:52:32 +0200 Subject: [PATCH 3/5] IONOS(ci): add retry logic to GitLab trigger (3 attempts, exponential backoff) Mirrors ncw-server behaviour: retries up to 3 times with 5s/10s/20s delays before failing the job, making the trigger more resilient to transient errors. --- .github/workflows/hidrive-next-build.yml | 67 ++++++++++++++++++------ 1 file changed, 50 insertions(+), 17 deletions(-) diff --git a/.github/workflows/hidrive-next-build.yml b/.github/workflows/hidrive-next-build.yml index 9bef39c8470c7..c950da2a7428e 100644 --- a/.github/workflows/hidrive-next-build.yml +++ b/.github/workflows/hidrive-next-build.yml @@ -308,28 +308,61 @@ jobs: SOURCE_BUILD_URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" echo "Source Build URL: $SOURCE_BUILD_URL" - # Call webhook - curl \ - --silent \ - --insecure \ - --request POST \ - --fail-with-body \ - -o response.json \ - --form token=${{ secrets.GITLAB_TOKEN }} \ - --form ref="main" \ - --form "variables[GITHUB_SHA]=${{ github.sha }}" \ - --form "variables[ARTIFACTORY_LAST_BUILD_PATH]=${{ needs.upload-to-artifactory.outputs.ARTIFACTORY_LAST_BUILD_PATH }}" \ - --form "variables[NC_VERSION]=${{ needs.hidrive-next-build.outputs.NC_VERSION }}" \ - --form "variables[BUILD_ID]=${{ github.run_id }}" \ - --form "variables[BUILD_TYPE]=${BUILD_TYPE}" \ - --form "variables[SOURCE_BUILD_URL]=${SOURCE_BUILD_URL}" \ - "${{ secrets.GITLAB_TRIGGER_URL }}" || ( RETCODE="$?"; jq . response.json; exit "$RETCODE" ) + # Trigger GitLab pipeline via webhook with retry logic (3 attempts with exponential backoff) + MAX_ATTEMPTS=3 + ATTEMPT=1 + TRIGGER_SUCCESS=false + DELAY_SEC=5 + + while [ $ATTEMPT -le $MAX_ATTEMPTS ]; do + echo "Trigger attempt $ATTEMPT of $MAX_ATTEMPTS..." + + if curl \ + --silent \ + --insecure \ + --request POST \ + --fail-with-body \ + -o response.json \ + --form token=${{ secrets.GITLAB_TOKEN }} \ + --form ref="main" \ + --form "variables[GITHUB_SHA]=${{ github.sha }}" \ + --form "variables[ARTIFACTORY_LAST_BUILD_PATH]=${{ needs.upload-to-artifactory.outputs.ARTIFACTORY_LAST_BUILD_PATH }}" \ + --form "variables[NC_VERSION]=${{ needs.hidrive-next-build.outputs.NC_VERSION }}" \ + --form "variables[BUILD_ID]=${{ github.run_id }}" \ + --form "variables[BUILD_TYPE]=${BUILD_TYPE}" \ + --form "variables[SOURCE_BUILD_URL]=${SOURCE_BUILD_URL}" \ + "${{ secrets.GITLAB_TRIGGER_URL }}"; then + TRIGGER_SUCCESS=true + echo "✅ Trigger successful on attempt $ATTEMPT" + break + else + RETCODE="$?" + echo "⚠️ Trigger attempt $ATTEMPT failed with code $RETCODE" + if [ -f response.json ]; then + jq . response.json || cat response.json + fi + if [ $ATTEMPT -lt $MAX_ATTEMPTS ]; then + echo "Waiting ${DELAY_SEC} seconds before retry..." + sleep $DELAY_SEC + DELAY_SEC=$((DELAY_SEC * 2)) # Exponential backoff: 5s, 10s, 20s + fi + fi + + ATTEMPT=$((ATTEMPT + 1)) + done + + if [ "$TRIGGER_SUCCESS" != "true" ]; then + echo "❌ Trigger failed after $MAX_ATTEMPTS attempts" + if [ -f response.json ]; then + jq . response.json || cat response.json + fi + exit 1 + fi # Disable command echo set +x # Print and parse json - # jq . response.json echo "json<> $GITHUB_OUTPUT cat response.json >> $GITHUB_OUTPUT echo "END" >> $GITHUB_OUTPUT From f50b42fc6b984ebd5278b30ba18f24854565fc87 Mon Sep 17 00:00:00 2001 From: "Misha M.-Kupriyanov" Date: Wed, 1 Apr 2026 12:52:57 +0200 Subject: [PATCH 4/5] IONOS(ci): add prerequisites check step to GitLab trigger job Validates that all required secrets and job outputs are present before attempting the trigger, providing clear error messages on misconfiguration. --- .github/workflows/hidrive-next-build.yml | 52 +++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/.github/workflows/hidrive-next-build.yml b/.github/workflows/hidrive-next-build.yml index c950da2a7428e..3c585750bb47b 100644 --- a/.github/workflows/hidrive-next-build.yml +++ b/.github/workflows/hidrive-next-build.yml @@ -286,9 +286,59 @@ jobs: # Trigger remote build on "ionos-dev|ionos-stable" branch *push* defined in the on:push:branches if: github.event_name == 'push' && ( github.ref_name == 'ionos-dev' || github.ref_name == 'ionos-stable' ) steps: + - name: Check prerequisites + run: | + echo "Checking if all required variables are set..." + error_count=0 + + if [ -z "${{ secrets.GITLAB_TOKEN }}" ]; then + echo "::error::GITLAB_TOKEN secret is not set" + error_count=$((error_count + 1)) + fi + + if [ -z "${{ secrets.GITLAB_TRIGGER_URL }}" ]; then + echo "::error::GITLAB_TRIGGER_URL secret is not set" + error_count=$((error_count + 1)) + fi + + if [ -z "${{ needs.hidrive-next-build.outputs.NC_VERSION }}" ]; then + echo "::error::NC_VERSION output from hidrive-next-build job is not set" + error_count=$((error_count + 1)) + else + echo "✓ NC_VERSION: ${{ needs.hidrive-next-build.outputs.NC_VERSION }}" + fi + + if [ -z "${{ needs.upload-to-artifactory.outputs.ARTIFACTORY_LAST_BUILD_PATH }}" ]; then + echo "::error::ARTIFACTORY_LAST_BUILD_PATH output from upload-to-artifactory job is not set" + error_count=$((error_count + 1)) + else + echo "✓ ARTIFACTORY_LAST_BUILD_PATH: ${{ needs.upload-to-artifactory.outputs.ARTIFACTORY_LAST_BUILD_PATH }}" + fi + + if [ -z "${{ github.sha }}" ]; then + echo "::error::github.sha is not set" + error_count=$((error_count + 1)) + else + echo "✓ GITHUB_SHA: ${{ github.sha }}" + fi + + if [ -z "${{ github.run_id }}" ]; then + echo "::error::github.run_id is not set" + error_count=$((error_count + 1)) + else + echo "✓ BUILD_ID: ${{ github.run_id }}" + fi + + if [ $error_count -ne 0 ]; then + echo "::error::Required variables are not set. Aborting." + exit 1 + fi + + echo "✅ All required variables are set" + - name: Trigger remote workflow run: | - # Enable command echo + # Enable command echo for debugging purposes set -x # Branch to GitLab Trigger Mapping (see HDNEXT-1373): From 922b321ff6ad3c80dfeb985168d78ffbec7dd414 Mon Sep 17 00:00:00 2001 From: "Misha M.-Kupriyanov" Date: Wed, 1 Apr 2026 12:53:26 +0200 Subject: [PATCH 5/5] IONOS(ci): add DISABLE_REMOTE_TRIGGER guard and explicit job conditions Allows disabling the GitLab trigger via a repository variable without modifying the workflow file. Also makes dependent job success conditions explicit, matching ncw-server behaviour. --- .github/workflows/hidrive-next-build.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/hidrive-next-build.yml b/.github/workflows/hidrive-next-build.yml index 3c585750bb47b..dfa0cf7443049 100644 --- a/.github/workflows/hidrive-next-build.yml +++ b/.github/workflows/hidrive-next-build.yml @@ -284,7 +284,15 @@ jobs: name: Trigger remote workflow needs: [ hidrive-next-build, upload-to-artifactory ] # Trigger remote build on "ionos-dev|ionos-stable" branch *push* defined in the on:push:branches - if: github.event_name == 'push' && ( github.ref_name == 'ionos-dev' || github.ref_name == 'ionos-stable' ) + # Can be disabled via repository variable 'DISABLE_REMOTE_TRIGGER' (set to 'true' to disable) + # Configure at: https://github.com/IONOS-Productivity/nc-server/settings/variables/actions + if: | + always() && + github.event_name == 'push' && + (github.ref_name == 'ionos-dev' || github.ref_name == 'ionos-stable') && + needs.hidrive-next-build.result == 'success' && + needs.upload-to-artifactory.result == 'success' && + vars.DISABLE_REMOTE_TRIGGER != 'true' steps: - name: Check prerequisites run: |