Make environment variables set in before_script available for expanding in .gitlab-ci.yml
This is extracted from https://gitlab.com/gitlab-org/gitlab-ce/issues/25554#note_19890566
The original report was fixed in gitlab-ce!8088, however the example in above specific comment was talking about the other issue, which we haven't solved. The example could be simplified to:
before_script:
- export DYNAMIC_ENV_VAR=whoami
job:
script: echo $DYNAMIC_ENV_VAR
environment:
name: $DYNAMIC_ENV_VAR
url: http://$DYNAMIC_ENV_VAR.example.com
The script would echo the value of whoami
because it's running on the runner, but the environment name and URL cannot see the value because they're evaluated on GitLab instance rather than on the runner. In order to make this work, the runner would require to pass the ENV back to GitLab via some kind of API, and we'll need to re-evaluate the environment based on the passed values.
This is not trivial to do and could be considered a limitation for now. Personally I could understand the use case, but I am not very sure if we should really implement this feature, because we cannot know which ENV should be set by looking at .gitlab-ci.yml
, therefore we're forced to pass all the ENV from runner, which could contain a lot of random values, and which are also depending on the runner which runs the job. The result could be surprising and unexpected, and could also risk some security concern. For example, some secrets might be passed to GitLab unconsciously.
Labeled as gitlab-ce~1672341 because the original issue was.
/cc @dblessing @grzesiek @ayufan /cc @peay @mikelehner