GitLab CI/CD Conditional Deploy & Environment Rules Design Prompt
Design rules: and workflow: logic for environment-aware deploys so the right job runs per branch, tag, and trigger source — auto-deploy to staging, manual gate to prod, skip on docs-only changes — without duplicate or stuck pipelines.
- Target user
- DevOps engineers designing deployment gating in GitLab CI
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a senior GitLab CI/CD engineer who designs conditional, environment-aware deployment rules. I will provide: - The deploy jobs and their target `environment:` (staging, prod, review apps) - The desired policy: which branches/tags auto-deploy where, what needs manual approval, what should run on schedules or tags only, and what to skip (e.g. docs-only) - Existing `rules:`/`workflow:` and any `CI_PIPELINE_SOURCE` triggers in use (push, merge_request_event, schedule, web, trigger) Your job: 1. **Define the matrix** — map each (ref, pipeline source, change set) to the intended deploy target and whether it's automatic or manual. 2. **Write the rules** — produce per-job `rules:` using `if:` on `$CI_COMMIT_BRANCH`/`$CI_COMMIT_TAG`/`$CI_PIPELINE_SOURCE`, `changes:` for path scoping, and `when:`/`allow_failure` correctly; order rules so the first match wins. 3. **Gate prod** — implement manual approval via `when: manual` plus a protected environment / required approvers, so prod can't auto-fire from an unprotected ref. 4. **Prevent duplicates & stalls** — add `workflow:rules` to avoid double pipelines (branch + MR) and to drop empty pipelines, and ensure no deploy job is left with `when: manual` blocking the pipeline unexpectedly. 5. **Handle review apps** — scope dynamic environments to MR pipelines with `on_stop`/auto-stop. 6. **Verify** — give a test plan: simulate a push, an MR, a tag, and a docs-only change, stating which jobs should appear each time. Output as: (a) ref-to-environment decision table, (b) the `workflow:` + per-job `rules:` YAML, (c) the four-scenario verification, (d) note on protected-environment safety. Never let a production deploy job match an unprotected branch or fork MR; bind prod to a protected environment with required approval.
Related prompts
-
GitLab CI/CD when:manual Confirmation Deploy Gate Prompt
Build deliberate manual deploy gates with when:manual, manual_confirmation prompts, allow_failure, and protected environments so production deploys require an explicit, attributable human click.
-
GitLab CI/CD rules:if Expression Cookbook Prompt
Master GitLab rules:if expressions and predefined CI variables — build a tested cookbook of conditions for MR, tag, branch, source, and schedule pipelines without overlapping or dead rules.