require-gitlab-ci-merge-request-pipelines

Require explicit merge-request pipeline configuration in .gitlab-ci.yml.

Targeted pattern scope

This rule checks .gitlab-ci.yml (or .gitlab-ci.yaml) for merge-request pipeline signals, including:

rules or workflow: rules using merge_request_event
only: [merge_requests]-style clauses

What this rule reports

This rule reports GitLab CI configurations that do not explicitly enable merge-request pipeline behavior.

Why this rule exists

GitLab documents merge-request pipelines as event-driven (CI_PIPELINE_SOURCE == "merge_request_event") and expects matching job or workflow rules in .gitlab-ci.yml. Explicit MR pipeline configuration helps ensure pre-merge validation runs consistently.

❌ Incorrect

// .gitlab-ci.yml
stages:
  - test

test:
  stage: test
  script:
    - npm test

✅ Correct

workflow:
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"

test:
  script:
    - npm test

test:
  script:
    - npm test
  only:
    - merge_requests

ESLint flat config example

import repoPlugin from "eslint-plugin-repo";

export default [
  repoPlugin.configs.gitlab,
  {
    plugins: { "repo-compliance": repoPlugin },
    rules: {
      "repo-compliance/require-gitlab-ci-merge-request-pipelines": "error",
    },
  },
];

When not to use it

Disable this rule only if merge-request validation is guaranteed by an external pipeline architecture and repository-level .gitlab-ci.yml intentionally excludes MR-specific logic.

Rule catalog ID: R025

Adoption resources

Enable this rule together with require-gitlab-ci-security-scanning to enforce both security and MR-quality signals in GitLab CI.

Targeted pattern scope​

What this rule reports​

Why this rule exists​

❌ Incorrect​

✅ Correct​

ESLint flat config example​

When not to use it​

Further reading​

Adoption resources​