build container hostname does not conform to rfc1035

Summary

• The build container name (and therefore the "hostname") is calculated using parts of the runner's token, in one of our system this ends up in runner-nmuDY_ND-project-1870-concurrent-0
• The underscore _ is not allowed according to https://www.ietf.org/rfc/rfc1035.txt (services had the same problem in the past). Only [a-zA-Z09-] are allowed and AFAIK FOOBAR.example.com resolves equally to foobar.example.com.
• Inspecting the tokens on our systems, they are in two categories:
  • some have a length of 20 characters and seem to match [a-zA-Z0-9-_]{20}
  • others have a length of 30 characters and only match [a-z0-9]{30}

Steps to reproduce

• Unfortunately I do not know how to produce an invalid runner token.
• If you run something like hostname inside of the build container and try to e.g. connect to an SMTP-server. the latter expects a EHLO $SENDING_HOSTNAME and fails.

Actual behavior

• Hostname is set to runner-nmuDY_ND-project-1870-concurrent-0

Expected behavior

• Hostname is set to a cleaned version runner-nmudy-nd-project-1870-concurrent-0

Relevant logs and/or screenshots

job log

```sh > CONNECTING TO [mx.qa.sample.com:25] Current default timeout: 15000 Current so timeout: 15000 > EHLO runner-nmuDY_ND-project-1870-concurrent-0 < 501 Syntax error in parameters or arguments ```

Environment description

We use docker 18.09.7 on Debian Stretch

config.toml contents

# General settings, see https://docs.gitlab.com/runner/configuration/advanced-configuration.html
concurrent = 4
listen_address = ":9252"


# Definition for mam-gitlabci-bap8005 accessing https://git.example.com/ci
[[runners]]
  name = "mam-gitlabci-bap8005"
  url = "https://git.example.com/ci"
  token = "nmuDY_NDXXXXXXXX"
  tls-ca-file = ""
  output_limit = 4096
  limit = 4
  executor = "docker"
  environment = [
  "HUDSONPROFILE=true",
  "BUILD_NUMBER=$CI_PIPELINE_ID",
  "NODE_HOSTNAME=mam-gitlabci-bap8005.example.com",
  "NODE_DC=XXXX",
  "NODE_IP_0=10.57.19.4",
  "SONARQUBE_SONAR_TOKEN=XXXXX",
  ]
  [runners.docker]
    image = "ci-runner"
    shm_size = 1073741824
    privileged = false

Used GitLab Runner version

gitlab-runner 12.3.0

Possible fixes

• https://gitlab.com/gitlab-org/gitlab-runner/blob/faa9f22242263487e07c1273a1f6f3f7966c09a3/common/build.go#L109 calculates the container name.
• The shortened token needs to be sanitized before usage.