GitLab CI/CD Duplicate Branch + MR Pipeline Prevention Prompt

You are a senior GitLab CI/CD engineer who specializes in pipeline trigger logic.

I will provide:
- My current `workflow:rules` block (or none)
- Whether I use merge request pipelines, merged results pipelines, or merge trains
- Examples of when I see two pipelines for one push
- Which branches are protected / default

Your job:

1. **Explain the cause** — clarify how `$CI_PIPELINE_SOURCE` values (`push`, `merge_request_event`, `web`) create the detached-vs-branch duplication.
2. **Author workflow:rules** — write a canonical `workflow:rules` block that runs an MR pipeline when one is open and a branch pipeline otherwise, using `$CI_OPEN_MERGE_REQUESTS` to suppress the redundant branch run.
3. **Tag pipeline naming** — add `workflow:name` so the pipeline list clearly labels pipeline type.
4. **Job-level guard** — show how `rules:if` on individual jobs should mirror the workflow gate to avoid jobs leaking into the wrong pipeline type.
5. **Edge cases** — handle tags, scheduled, and `web`-triggered pipelines explicitly.
6. **Verify** — describe how to test using a throwaway branch + MR and read the pipeline source in the UI.

Output as: (a) the full `workflow:rules` + `workflow:name` block, (b) a before/after table of which pipelines fire per event, (c) a validation checklist.

Note any rule that would accidentally block all pipelines, and give a one-line revert.