Skip to content

Gitlab-ci service interconnection

It seemes that there is no way to interconnect services that are started by the gitlab runner using the service feature of gitlab-ci. It came as a surprise to me as I think this is a basic feature that you need in many cases.

I really want the CI to execute some independent, lightweight integration tests before changes are merged and openappstack related integration tests are done with the CI that is running for the main openappstack project. Having 2 layers of testing makes it much easier to isolate bugs. So i need to find a workaround for this.

Here is what I tried to figure out:

In a gitlab-ci job you can define services that share environment variables that you can specify per job using the variables feature.

What is a service?

The service image can run any application, but the most common use case is to run a database container, e.g., mysql. It’s easier and faster to use an existing image and run it as an additional container than install mysql every time the project is built. You are not limited to have only database services. You can add as many services you need to .gitlab-ci.yml or manually modify config.toml. Any image found at Docker Hub or your private Container Registry can be used as a service.

Services inherit the same DNS servers, search domains, and additional hosts as the CI container itself.

Example: Using postgres service

There is an option to specify an alias for each service which enables name resolution similar to the service names in a docker-compose setup. After some hassle, I found out (this is not mentioned in the docs), that only the CI container, which is running the jobs can use name resolution to access the service containers, meaning a service interconnect is not possible using the hostnames or aliases.

Looking into the /etc/hosts files of the ci and service containers proved the point:

CI-job container:

/ # cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.7	oauth 15fee0a0fb46 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_logout-5
172.17.0.6	open.greenhost.net-openappstack-user-panel aef53fdfa968 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__user-panel-4
172.17.0.2	postgres f999892a755e runner-XPrfB5Xo-project-8-concurrent-0-postgres-0
172.17.0.5	oryd__hydra bcd76d7763a1 runner-XPrfB5Xo-project-8-concurrent-0-oryd__hydra-3
172.17.0.5	hydra bcd76d7763a1 runner-XPrfB5Xo-project-8-concurrent-0-oryd__hydra-3
172.17.0.3	open.greenhost.net__openappstack__single-sign-on__login_provider 6d5629020f7c runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_provider-1
172.17.0.7	open.greenhost.net-openappstack-single-sign-on-login_logout 15fee0a0fb46 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_logout-5
172.17.0.4	open.greenhost.net-openappstack-single-sign-on-consent_provider 8a9a86b6ac0b runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__consent_provider-2
172.17.0.4	consent 8a9a86b6ac0b runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__consent_provider-2
172.17.0.3	open.greenhost.net-openappstack-single-sign-on-login_provider 6d5629020f7c runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_provider-1
172.17.0.4	open.greenhost.net__openappstack__single-sign-on__consent_provider 8a9a86b6ac0b runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__consent_provider-2
172.17.0.6	open.greenhost.net__openappstack__user-panel aef53fdfa968 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__user-panel-4
172.17.0.3	login 6d5629020f7c runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_provider-1
172.17.0.5	oryd-hydra bcd76d7763a1 runner-XPrfB5Xo-project-8-concurrent-0-oryd__hydra-3
172.17.0.6	backend aef53fdfa968 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__user-panel-4
172.17.0.7	open.greenhost.net__openappstack__single-sign-on__login_logout 15fee0a0fb46 runner-XPrfB5Xo-project-8-concurrent-0-open.greenhost.net__openappstack__single-sign-on__login_logout-5
172.17.0.8	runner-XPrfB5Xo-project-8-concurrent-0

user-panel service container:

root@aef53fdfa968:/usr/src/app# cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.6	aef53fdfa968

Maybe there is some way to copy the hosts file to the running services. I also think that the IP-Address are assigned incrementally so maybe I can use hardcoded IP's instead of names.

Does anyone have experiences/suggestions to share?

Should we get involved in a discussion about this feature on gitlab?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information