CI variables defined in GitLab GUI are not available to services
Summary
When using a service (e.g. mysql) in the GitLab CI that needs environtment variables to run, only variables defined in .gitlab-ci.yml are passed to the service and variables defined in GitLab GUI are unavailable.
Steps to reproduce
In this example, MYSQL_ROOT_PASSWORD and MYSQL_DATABASE variables are defined via GitLab UI in Project Settings / CI/CD Settings / Variables.
.gitlab-ci.yml
image: debian:stretch
stages:
- test
test:
services:
- mysql:latest
script:
- pwd
- echo $MYSQL_ROOT_PASSWORD
- echo $MYSQL_DATABASE
stage: testActual behavior
MySQL service container can't be started because it doesn't see the defined variables in its environment. Please see job log below.
Expected behavior
MySQL service container should start by using the configured environment variables.
There's a workaround though, because by redefining the same variables in .gitlab-ci.yml that we already defined in the GUI will pass them to the service container. But this is not evident and also not explicitly written in the documentation.
.gitlab-ci.yml with workaround (see variables block)
image: debian:stretch
stages:
- test
variables:
MYSQL_DATABASE: "$MYSQL_DATABASE"
MYSQL_ROOT_PASSWORD: "$MYSQL_ROOT_PASSWORD"
test:
services:
- mysql:latest
script:
- pwd
- echo $MYSQL_ROOT_PASSWORD
- echo $MYSQL_DATABASE
stage: testRelevant logs and/or screenshots
CI Job Log
Running with gitlab-runner 11.7.0 (8bb608ff)
on Docker image builder 1647c90b
Using Docker executor with image debian:stretch ...
Starting service mysql:latest ...
Pulling docker image mysql:latest ...
Using docker image sha256:c7109f74d339896c8e1a7526224f10a3197e7baf674ff03acbab387aa027882a for mysql:latest ...
Waiting for services to be up and running...
*** WARNING: Service runner-1647c90b-project-192-concurrent-0-mysql-0 probably didn't start properly.
Health check error:
service "runner-1647c90b-project-192-concurrent-0-mysql-0-wait-for-service" timeout
Health check container logs:
Service container logs:
2019-07-17T11:08:31.546383758Z error: database is uninitialized and password option is not specified
2019-07-17T11:08:31.546434717Z You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD
*********
Pulling docker image debian:stretch ...
Using docker image sha256:5a6d49d5e83399b16a2f365670051f51afd4368bff836de9d70f9bd84dc79f17 for debian:stretch ...
Running on runner-1647c90b-project-192-concurrent-0 via ###MASKED###...
Cloning repository...
Cloning into '/builds/docs/test'...
Checking out d154d7c8 as master...
Skipping Git submodules setup
$ pwd
/builds/docs/test
$ echo $MYSQL_ROOT_PASSWORD
password
$ echo $MYSQL_DATABASE
database
Job succeededPlease note the fact that "password" and "database" can be seen in the output. This proves that these were defined elsewhere.
Environment description
Environment is GitLab Community Edition 11.10.4 with shared runners running Docker runner on a different machine. GitLab Runner version is 11.7.0.
config.toml contents
concurrent = 6
check_interval = 0
log_level = "debug"
[[runners]]
name = "###MASKED###"
url = "###MASKED###"
token = "###MASKED###"
executor = "docker"
environment = ["CI_DEBUG_SERVICES=true", "DOCKER_DRIVER=inmemory"]
[runners.docker]
tls_verify = false
image = "alpine:latest"
privileged = false
disable_cache = true
wait_for_services_timeout = 60
shm_size = 0
[runners.cache]
Type = "s3"
ServerAddress = "###MASKED###"
AccessKey = "###MASKED###"
SecretKey = "###MASKED###"
BucketName = "cache"
Insecure = true
Path = "###MASKED###"
Shared = trueUsed GitLab Runner version
Version: 11.7.0
Git revision: 8bb608ff
Git branch: 11-7-stable
GO version: go1.8.7
Built: 2019-01-22T11:24:14+0000
OS/Arch: linux/amd64