Update jobs in tox-tests.yml to add "needs: ['build']"

Our tox-tests template runs tox tests and builds documentation inside the built container.

Previous GitLab revisions used to have an implicit dependency between stages which is no-longer the case.

Add

  needs:
    - build

to the test and documentation jobs.

changed milestone to %Sprint 99

added placeholder workflowSprint Ready labels

changed the description

added Operations label

changed the description

At the risk of telling people stuff they already know.

One issue with needs: ["build"] is that although it can pass linting fine, if the build job is not instantiated (because of rules that depend on variable values) this can give an invalid yaml error. You can find that the pipeline runs fine on commits, but errors on deploys (for example) because different variables are set.

I don't know if this actually arises in this case.

Also, some pipelines currently have a dependency on the docker image built in the build step, but actually it's not necessary because all the test job is actually doing is a terraform fmt. (Replacing with just a terraform fmt step is also a lot quicker in these cases.)

I don't know if this actually arises in this case.

In this case the way we run tox tests requires that a container be built so there must have been a build step and hence we actually want some fast-failure if we don't have one.

I agree that we shouldn't add the dependency to the test job as a matter of course.

Also, some pipelines currently have a dependency on the docker image built in the build step, but actually it's not necessary because all the test job is actually doing is a terraform fmt. (Replacing with just a terraform fmt step is also a lot quicker in these cases.)

maybe we can move this into "create a terraform fmt test job template"? Then we can just include it from each deployment's config.

Also, some pipelines currently have a dependency on the docker image built in the build step, but actually it's not necessary

Can you open an issue in those repos where this is the case?

Yeah, I've addressed this in the open MRs for tlscerts and shib-meta gcp deployment, so those don't need new issues. But I'll take a look for others.

mentioned in commit 61b04de7

mentioned in merge request !6 (merged)

assigned to @rjw57

added workflowReview Required label and removed workflowSprint Ready label

Adding urgent label as this is breaking stuff elsewhere at the moment.

added urgent label

mentioned in commit 5636bb1b

mentioned in merge request !5 (closed)

closed via merge request !6 (merged)

mentioned in commit 72290067