Use Runner predefined variables inside of Kubernetes override variables
Summary
The predefined variable CI_CONCURRENT_ID
is not expanded as expected when referencing it in KUBERNETES_NAMESPACE_OVERWRITE
Steps to reproduce
Configure the gitlab-runner instance to allow concurrent runs and to use kubernetes executor, then simply define a variable as in the gitlab-ci.yml
below:
.gitlab-ci.yml
variables:
KUBERNETES_NAMESPACE_OVERWRITE: "ci-$CI_CONCURRENT_ID"
Actual behavior
The variable is not expanded resulting in the error:
Running with gitlab-runner 12.3.0 (a8a019e0)
on gitlab-gitlab-runner-64dbc7b567-ddzfv EagdaMAh
"Namespace" overwritten with "ci-"
Using Kubernetes namespace: ci-
Using Kubernetes executor with image maven:3.6.2-jdk-8 ...
ERROR: Job failed (system failure): pods is forbidden: User "system:serviceaccount:default:gitlab-gitlab-runner" cannot create resource "pods" in API group "" in the namespace "ci-"
Expected behavior
The variable should be expanded correctly with the concurrent id, as for other predefined variables:
ci-0
Relevant logs and/or screenshots
job log
Running with gitlab-runner 12.3.0 (a8a019e0)
on gitlab-gitlab-runner-64dbc7b567-ddzfv EagdaMAh
"Namespace" overwritten with "ci-"
Using Kubernetes namespace: ci-
Using Kubernetes executor with image maven:3.6.2-jdk-8 ...
ERROR: Job failed (system failure): pods is forbidden: User "system:serviceaccount:default:gitlab-gitlab-runner" cannot create resource "pods" in API group "" in the namespace "ci-"
Environment description
config.toml contents
listen_address = "[::]:9252"
concurrent = 10
check_interval = 30
log_level = "info"
[session_server]
session_timeout = 1800
[[runners]]
name = "gitlab-gitlab-runner-64dbc7b567-ddzfv"
request_concurrency = 1
url = "https://****"
token = "****"
executor = "kubernetes"
[runners.custom_build_dir]
[runners.cache]
Type = "s3"
Path = "gitlab_runner"
Shared = true
[runners.cache.s3]
ServerAddress = "s3.amazonaws.com"
BucketName = "****"
BucketLocation = "****"
[runners.cache.gcs]
[runners.kubernetes]
host = ""
bearer_token_overwrite_allowed = false
image = "ubuntu:16.04"
namespace = "default"
namespace_overwrite_allowed = "ci-.*"
privileged = false
service_account_overwrite_allowed = ""
pod_annotations_overwrite_allowed = ""
[runners.kubernetes.pod_annotations]
"iam.amazonaws.com/role" = "****"
[runners.kubernetes.pod_security_context]
[runners.kubernetes.volumes]
Used GitLab Runner version
Running with gitlab-runner 12.3.0 (a8a019e0)
Using Kubernetes executor with image maven:3.6.2-jdk-8
Proposal
When we are setting up the overrides we don't have all the variables becuase we are only using the build variables since the call stack is like Prepare -> prepareOverwrites -> createOverwrites and we only pass the variables that are defined inside of .gitlab-ci.yml
and some predefined variables that from rails. Things like CI_CONCURRENT_ID
are not considered. When we pass in the variables we need to also send the default variables that Runner creates, not just the ones that Rails send.
It could be as simple as changing the call to prepareOverwrites
to use options.Build.GetAllVariables()
(to be validated)