Do not consider GitLab CI variables when LAB_CORE are equivalent set

[soullivaneuh]

Summary

Since upgrade from 0.17.2 to 0.23.0, I have a 401 error on merge request creation from a CI job:

2022/03/09 19:07:45 ERROR: mr_create.go:179: GET https://gitlab.com/api/v4/projects/kidways/docs: 401 {message: 401 Unauthorized}

Here is the complete script:

#!/usr/bin/env sh
set -e

branch=bot/dispatch

git clean -dx --force
git fetch --all
git checkout "${CI_DEFAULT_BRANCH}"
# May be simplified by `git switch -c "${branch}"` with git 2.23.
# @see https://stackoverflow.com/a/26961416/1731473
git checkout "${branch}" || git checkout -b "${branch}"

apply

git add --all
diff=$(git diff --cached --name-status)
if [ -z "${diff}" ]; then
	echo "Nothing to commit."
	exit 0
fi
git config --global user.email "${NEXY_BOT_EMAIL:-dev@nexylan.com}"
git config --global user.name "bot"

message="build: update core files"
git commit -m "${message}"
git remote set-url origin "https://${GITLAB_USER:?}:${GITLAB_TOKEN:?}@${CI_PROJECT_URL#https://}.git/"
git push origin ${branch}

export LAB_CORE_HOST="https://${CI_SERVER_HOST:-gitlab.com}"
export LAB_CORE_USER="${GITLAB_USER:?}"
export LAB_CORE_TOKEN="${GITLAB_TOKEN:?}"
git remote set-url origin "${CI_PROJECT_URL}.git"
lab mr create --remove-source-branch --message "${message}"

Here, I use a custom set GITLAB_TOKEN to LAB_CORE_TOKEN because the default provided CI_JOB_TOKEN does not allow write operation to the API.

However, according to the latest documentation of that project:

The environment variables CI_PROJECT_URL, CI_JOB_TOKEN and GITLAB_USER_LOGIN, intended to be used in a CI environment, can be set to prevent any configuration file creation/update. Also, any of these take precedence over all other options.

I assume this was done quite recently, however, this make my script being completely stuck. 🙃

A fallback to the CI token is great for a "no configuration" quick setup, but it the lab related user config should take precedence, not the reverse.

[soullivaneuh]

For people stuck on the same situation, the workaround is to temporary remove the not desired variable:

# @see https://github.com/zaquestion/lab/issues/813
TMP_CI_TOKEN=${CI_JOB_TOKEN}
unset CI_JOB_TOKEN
lab mr create --remove-source-branch --message "${message}"
export CI_JOB_TOKEN=${TMP_CI_TOKEN}

However, this solution is:

• Not fully reliable because it does not manage the other possible variable overrides (host, user).
• Very cumbersome. It force us to tweak system variable, with the occurring related risks.

[bmeneg]

That's interesting. The doc was updated, but the code behaves like that for quite some time already.

Since upgrade from 0.17.2 to 0.23.0.

It seems the issue is the big version bump :).

But I see what you're saying. I'm going to check the code and propose some changes there.