GitLab runner configuration for remote and local environment

5/7/2020

I realized that some variables are not the same on the GitLab shared runners as when you use your local configuration.

Simple example of a .gitlab-ci.yml:

my-test:
  image: docker:latest
  stage: build
  services:
    - docker:dind
  script:
    - env # this is what gives me different results

In order to execute this file I use gitlab-runner exec docker my-test as explained in https://stackoverflow.com/a/36358790/2237916.

However, the previous code gives me a different result when I push my commits (run on a shared server) than when I run it locally. Each one gives me different values for the existing environment variables. This has the following effects:

  • Commands in the script such as docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY are not able to run locally, because none of the 3 variables are set in the local environment.
  • Kubernetes configuration that is used thanks to variables such as KUBE_CA_PEM, KUBECONFIG, KUBE_TOKEN, and others, is not set.

Thus, I'm unable to replicate experiments locally and remotely (either with a shared runner or my own runner). I'm looking for a straightforward way to test locally as if I were really using a shared runner, with all the same environment variables.

As some complementary information, my current workaround, as indicated in a GitLab issue, is to use the command gitlab-runner exec docker my-test $(printf " --env %s" "${ENVVARS[@]}"), where ENVVARS is a bash array. However, this is as far from a proper solution as can be.

Note: I understand that you can set some variables with the --kubernetes-* options on the command line, but this is not desired, since you have to set everything every time you run the command. I want to be able to share the same configuration that GitLab sends to the runner.

-- silgon
gitlab-ci
gitlab-ci-runner
kubernetes

1 Answer

5/11/2020

The variables you mention are only set during execution of the environment on a runner connected to GitLab.

https://docs.gitlab.com/ee/ci/variables/predefined_variables.html

To provide these variables you have the option to extend your run command:

   --env value                                                  Custom environment variables injected to build environment [$RUNNER_ENV]

There are also a ton of Kubernetes options:

   --kubernetes-host value                                      Optional Kubernetes master host URL (auto-discovery attempted if not specified) [$KUBERNETES_HOST]
   --kubernetes-cert-file value                                 Optional Kubernetes master auth certificate [$KUBERNETES_CERT_FILE]
   --kubernetes-key-file value                                  Optional Kubernetes master auth private key [$KUBERNETES_KEY_FILE]
   --kubernetes-ca-file value                                   Optional Kubernetes master auth ca certificate [$KUBERNETES_CA_FILE]
   --kubernetes-bearer_token_overwrite_allowed                  Bool to authorize builds to specify their own bearer token for creation. [$KUBERNETES_BEARER_TOKEN_OVERWRITE_ALLOWED]
   --kubernetes-bearer_token value                              Optional Kubernetes service account token used to start build pods. [$KUBERNETES_BEARER_TOKEN]
   --kubernetes-image value                                     Default docker image to use for builds when none is specified [$KUBERNETES_IMAGE]
   --kubernetes-namespace value                                 Namespace to run Kubernetes jobs in [$KUBERNETES_NAMESPACE]
   --kubernetes-namespace_overwrite_allowed value               Regex to validate 'KUBERNETES_NAMESPACE_OVERWRITE' value [$KUBERNETES_NAMESPACE_OVERWRITE_ALLOWED]
   --kubernetes-privileged                                      Run all containers with the privileged flag enabled [$KUBERNETES_PRIVILEGED]
   --kubernetes-cpu-limit value                                 The CPU allocation given to build containers [$KUBERNETES_CPU_LIMIT]
   --kubernetes-cpu-limit-overwrite-max-allowed value           If set, the max amount the cpu limit can be set to. Used with the KUBERNETES_CPU_LIMIT variable in the build. [$KUBERNETES_CPU_LIMIT_OVERWRITE_MAX_ALLOWED]
   --kubernetes-memory-limit value                              The amount of memory allocated to build containers [$KUBERNETES_MEMORY_LIMIT]
   --kubernetes-memory-limit-overwrite-max-allowed value        If set, the max amount the memory limit can be set to. Used with the KUBERNETES_MEMORY_LIMIT variable in the build. [$KUBERNETES_MEMORY_LIMIT_OVERWRITE_MAX_ALLOWED]
   --kubernetes-service-cpu-limit value                         The CPU allocation given to build service containers [$KUBERNETES_SERVICE_CPU_LIMIT]
   --kubernetes-service-memory-limit value                      The amount of memory allocated to build service containers [$KUBERNETES_SERVICE_MEMORY_LIMIT]
   --kubernetes-helper-cpu-limit value                          The CPU allocation given to build helper containers [$KUBERNETES_HELPER_CPU_LIMIT]
   --kubernetes-helper-memory-limit value                       The amount of memory allocated to build helper containers [$KUBERNETES_HELPER_MEMORY_LIMIT]
   --kubernetes-cpu-request value                               The CPU allocation requested for build containers [$KUBERNETES_CPU_REQUEST]
   --kubernetes-cpu-request-overwrite-max-allowed value         If set, the max amount the cpu request can be set to. Used with the KUBERNETES_CPU_REQUEST variable in the build. [$KUBERNETES_CPU_REQUEST_OVERWRITE_MAX_ALLOWED]
   --kubernetes-memory-request value                            The amount of memory requested from build containers [$KUBERNETES_MEMORY_REQUEST]
   --kubernetes-memory-request-overwrite-max-allowed value      If set, the max amount the memory request can be set to. Used with the KUBERNETES_MEMORY_REQUEST variable in the build. [$KUBERNETES_MEMORY_REQUEST_OVERWRITE_MAX_ALLOWED]
   --kubernetes-service-cpu-request value                       The CPU allocation requested for build service containers [$KUBERNETES_SERVICE_CPU_REQUEST]
   --kubernetes-service-memory-request value                    The amount of memory requested for build service containers [$KUBERNETES_SERVICE_MEMORY_REQUEST]
   --kubernetes-helper-cpu-request value                        The CPU allocation requested for build helper containers [$KUBERNETES_HELPER_CPU_REQUEST]
   --kubernetes-helper-memory-request value                     The amount of memory requested for build helper containers [$KUBERNETES_HELPER_MEMORY_REQUEST]
   --kubernetes-pull-policy value                               Policy for if/when to pull a container image (never, if-not-present, always). The cluster default will be used if not set [$KUBERNETES_PULL_POLICY]
   --kubernetes-node-selector value                             A toml table/json object of key=value. Value is expected to be a string. When set this will create pods on k8s nodes that match all the key=value pairs. (default: "{}") [$KUBERNETES_NODE_SELECTOR]
   --kubernetes-node-tolerations value                          A toml table/json object of key=value:effect. Value and effect are expected to be strings. When set, pods will tolerate the given taints. Only one toleration is supported through environment variable configuration. (default: "{}") [$KUBERNETES_NODE_TOLERATIONS]
   --kubernetes-image-pull-secrets value                        A list of image pull secrets that are used for pulling docker image [$KUBERNETES_IMAGE_PULL_SECRETS]
   --kubernetes-helper-image value                              [ADVANCED] Override the default helper image used to clone repos and upload artifacts [$KUBERNETES_HELPER_IMAGE]
   --kubernetes-terminationGracePeriodSeconds value             Duration after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. (default: "0") [$KUBERNETES_TERMINATIONGRACEPERIODSECONDS]
   --kubernetes-poll-interval value                             How frequently, in seconds, the runner will poll the Kubernetes pod it has just created to check its status (default: "0") [$KUBERNETES_POLL_INTERVAL]
   --kubernetes-poll-timeout value                              The total amount of time, in seconds, that needs to pass before the runner will timeout attempting to connect to the pod it has just created (useful for queueing more builds that the cluster can handle at a time) (default: "0") [$KUBERNETES_POLL_TIMEOUT]
   --kubernetes-pod-labels value                                A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given pod labels. Environment variables will be substituted for values here. (default: "{}")
   --kubernetes-service-account value                           Executor pods will use this Service Account to talk to kubernetes API [$KUBERNETES_SERVICE_ACCOUNT]
   --kubernetes-service_account_overwrite_allowed value         Regex to validate 'KUBERNETES_SERVICE_ACCOUNT' value [$KUBERNETES_SERVICE_ACCOUNT_OVERWRITE_ALLOWED]
   --kubernetes-pod-annotations value                           A toml table/json object of key-value. Value is expected to be a string. When set, this will create pods with the given annotations. Can be overwritten in build with KUBERNETES_POD_ANNOTATION_* variables (default: "{}")
   --kubernetes-pod_annotations_overwrite_allowed value         Regex to validate 'KUBERNETES_POD_ANNOTATIONS_*' values [$KUBERNETES_POD_ANNOTATIONS_OVERWRITE_ALLOWED]
   --kubernetes-pod-security-context-fs-group value             A special supplemental group that applies to all containers in a pod [$KUBERNETES_POD_SECURITY_CONTEXT_FS_GROUP]
   --kubernetes-pod-security-context-run-as-group value         The GID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_GROUP]
   --kubernetes-pod-security-context-run-as-non-root value      Indicates that the container must run as a non-root user [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_NON_ROOT]
   --kubernetes-pod-security-context-run-as-user value          The UID to run the entrypoint of the container process [$KUBERNETES_POD_SECURITY_CONTEXT_RUN_AS_USER]
   --kubernetes-pod-security-context-supplemental-groups value  A list of groups applied to the first process run in each container, in addition to the container's primary GID
   --kubernetes-services value                                  Add service that is started with container
-- Kay Strobach
Source: StackOverflow
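
The --env approach from the question and answer, as an added example that is not part of the original posts: it reads KEY=VALUE lines from a local file kept out of the repository and passes each as one --env argument without word splitting, so values containing spaces or glob characters survive intact. The function names, the file path in the usage comment and the GITLAB_RUNNER_BIN override are hypothetical names chosen for this sketch.

```shell
#!/bin/sh
# Added example (not from the original posts): run a job with
# `gitlab-runner exec docker` and CI variables taken from a local file.

# check_env_file FILE: succeed only if FILE exists and grants no
# permissions to group or others (it holds registry/cluster credentials).
check_env_file() {
    [ -f "$1" ] || { echo "missing env file: $1" >&2; return 1; }
    perms=$(ls -Lld -- "$1" | cut -c5-10)   # group + other permission bits
    [ "$perms" = "------" ] || { echo "$1 must be mode 600" >&2; return 1; }
}

# run_job_locally JOB FILE: pass every KEY=VALUE line of FILE as --env.
# GITLAB_RUNNER_BIN is a hypothetical override for the runner binary.
run_job_locally() {
    job=$1
    env_file=$2
    check_env_file "$env_file" || return 1
    set --          # collect arguments in "$@" (POSIX sh has no arrays)
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            ''|'#'*) continue ;;            # blank line or comment
            *=*) ;;
            *) echo "line $n: not KEY=VALUE" >&2; return 1 ;;
        esac
        name=${line%%=*}
        case $name in
            ''|[0-9]*|*[!A-Za-z0-9_]*)
                # Report the line number only, never the content (may be secret).
                echo "line $n: invalid variable name" >&2; return 1 ;;
        esac
        set -- "$@" --env "$line"           # one argument, no word splitting
    done < "$env_file"
    "${GITLAB_RUNNER_BIN:-gitlab-runner}" exec docker "$job" "$@"
}

# Usage (hypothetical path):
#   run_job_locally my-test "$HOME/.config/ci-local.env"
```

Values passed with --env still appear in the gitlab-runner process's argument list, which other users on the same machine can read while the job runs.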