@catladder/pipeline 1.144.1 → 1.146.0

package/examples/__snapshots__/node-build-with-docker-additions.ts.snap

@@ -33,6 +33,9 @@ exports[`matches snapshot 1`] = `
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -49,7 +52,6 @@ exports[`matches snapshot 1`] = `
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -102,7 +104,25 @@ exports[`matches snapshot 1`] = `
           ],
         },
         "script": [
-          "echo '{"id":"some-id","time":"01-01-2023 12:13:14"}' > www/__build_info.json",
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="dev"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="dev"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
+          "echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -119,25 +139,9 @@ exports[`matches snapshot 1`] = `
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "ENV_SHORT": "dev",
-          "ENV_TYPE": "dev",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-dev-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-dev-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-dev-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
-          "ROOT_URL": "https://pan-test-app-dev-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-dev-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🔨 docker | dev ": {
@@ -163,6 +167,23 @@ exports[`matches snapshot 1`] = `
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"",
+          "export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"",
+          "export APP_DIR="www"",
+          "export DOCKER_DIR="."",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
+RUN yarn plugin import workspace-tools
+RUN yarn workspaces focus --production && yarn rebuild"",
+          "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
+COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
+COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
+COPY --chown=node:node .yarn /app/.yarn"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "ensureNodeDockerfile",
           "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
@@ -187,24 +208,9 @@ exports[`matches snapshot 1`] = `
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "DOCKERFILE_ADDITIONS": "RUN apk add --no-cache openssl1.1-compat-dev",
-          "DOCKERFILE_ADDITIONS_END": "RUN yarn rebuild",
           "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
-RUN yarn plugin import workspace-tools
-RUN yarn workspaces focus --production && yarn rebuild",
-          "DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node www/package.json /app/www/package.json
-COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
-COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
-COPY --chown=node:node .yarn /app/.yarn",
-          "DOCKER_DIR": ".",
           "DOCKER_DRIVER": "overlay2",
           "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
           "DOCKER_TLS_CERTDIR": "",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "2Gi",
@@ -214,15 +220,15 @@ COPY --chown=node:node .yarn /app/.yarn",
       "www 🚀 Deploy | dev ": {
         "allow_failure": false,
         "artifacts": {
-          "paths": [
-            "____envvars.yaml",
-          ],
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
         },
         "environment": {
           "auto_stop_in": "4 weeks",
           "name": "dev/www",
           "on_stop": "www 🛑 Stop ⚠️ | dev ",
-          "url": "https://pan-test-app-dev-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -265,13 +271,71 @@ COPY --chown=node:node .yarn /app/.yarn",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="dev"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="dev"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_dev_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
           "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
           "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
           "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
+          "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
+          "cat > ____envvars.yaml <<EOF
+ENV_SHORT: |-
+  dev
+APP_DIR: |-
+  www
+ENV_TYPE: |-
+  dev
+BUILD_INFO_BUILD_ID: |-
+$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/  /')
+BUILD_INFO_BUILD_TIME: |-
+$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/  /')
+BUILD_INFO_CURRENT_VERSION: |-
+$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/  /')
+HOST: |-
+$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL: |-
+$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_INTERNAL: |-
+$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_CANONICAL: |-
+$(printf %s "$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL_INTERNAL: |-
+$(printf %s "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+DEPLOY_CLOUD_RUN_PROJECT_ID: |-
+  asdf
+DEPLOY_CLOUD_RUN_REGION: |-
+  asia-east1
+GCLOUD_RUN_canonicalHostSuffix: |-
+$(printf %s "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/  /')
+_ALL_ENV_VAR_KEYS: |-
+  ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
+
+EOF
+",
+          "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
-          "echo "$ENV_VARS" > ____envvars.yaml",
           "gcloud run deploy pan-test-app-dev-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=dev,env-name=dev,build-type=node,cloud-run-service-name=pan-test-app-dev-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
           "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
@@ -280,69 +344,27 @@ COPY --chown=node:node .yarn /app/.yarn",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
           "echo Uploading SBOM to Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://pan-test-app-dev-www-unknown-host.example.com" "__sbom.json" vex.json || true",
-        ],
-        "services": [
-          {
-            "command": [
-              "--tls=false",
-            ],
-            "name": "docker:24.0.6-dind",
-          },
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "deploy dev",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_DRIVER": "overlay2",
-          "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
-          "DOCKER_TLS_CERTDIR": "",
-          "ENV_SHORT": "dev",
-          "ENV_TYPE": "dev",
-          "ENV_VARS": "ENV_SHORT: 'dev'
-APP_DIR: 'www'
-ENV_TYPE: 'dev'
-BUILD_INFO_ID: 'some-id'
-BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
-BUILD_INFO_CURRENT_VERSION: '3.2.1'
-HOST: 'pan-test-app-dev-www-unknown-host.example.com'
-ROOT_URL: 'https://pan-test-app-dev-www-unknown-host.example.com'
-HOST_CANONICAL: 'pan-test-app-dev-www-unknown-host.example.com'
-ROOT_URL_INTERNAL: 'https://pan-test-app-dev-www-unknown-host.example.com'
-HOST_INTERNAL: 'pan-test-app-dev-www-unknown-host.example.com'
-DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
-DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
-GCLOUD_RUN_canonicalHostSuffix: '$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix'
-_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
-",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-dev-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-dev-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-dev-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
           "KUBERNETES_MEMORY_REQUEST": "200Mi",
-          "ROOT_URL": "https://pan-test-app-dev-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-dev-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🛑 Stop ⚠️ | dev ": {
+        "allow_failure": true,
+        "artifacts": {
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
+        },
         "environment": {
           "action": "stop",
           "name": "dev/www",
-          "url": "https://pan-test-app-dev-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -356,28 +378,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         },
         "rules": [
           {
-            "allow_failure": true,
             "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
             "when": "on_success",
           },
           {
-            "allow_failure": true,
             "when": "manual",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "set +e",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_dev_www_GCLOUD_DEPLOY_credentialsKey")",
           "gcloud run services delete pan-test-app-dev-www --project=asdf --region=asia-east1",
           "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/dev/www --quiet --delete-tags",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo Disabling component in Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://pan-test-app-dev-www-unknown-host.example.com" || true",
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
           "set -e",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-dev-www-$CL_dev_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "stop dev",
         "variables": {
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
           "GIT_STRATEGY": "none",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
@@ -397,12 +420,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "cd www",
           "yarn npm audit --environment production",
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -436,6 +461,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -452,7 +480,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -476,6 +503,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
         ],
         "stage": "build",
@@ -528,7 +557,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
     ],
     "variables": {
       "FF_USE_FASTZIP": "true",
-      "GIT_DEPTH": 1,
+      "GIT_DEPTH": "1",
     },
     "workflow": {
       "rules": [
@@ -586,6 +615,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -602,7 +634,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -655,7 +686,25 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
-          "echo '{"id":"some-id","time":"01-01-2023 12:13:14"}' > www/__build_info.json",
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="review"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="review"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
+          "echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -672,25 +721,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "ENV_SHORT": "review",
-          "ENV_TYPE": "review",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_review_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-review-mr1234-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
-          "ROOT_URL": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🔨 docker | review ": {
@@ -716,6 +749,23 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"",
+          "export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"",
+          "export APP_DIR="www"",
+          "export DOCKER_DIR="."",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
+RUN yarn plugin import workspace-tools
+RUN yarn workspaces focus --production && yarn rebuild"",
+          "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
+COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
+COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
+COPY --chown=node:node .yarn /app/.yarn"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "ensureNodeDockerfile",
           "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
@@ -740,24 +790,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "DOCKERFILE_ADDITIONS": "RUN apk add --no-cache openssl1.1-compat-dev",
-          "DOCKERFILE_ADDITIONS_END": "RUN yarn rebuild",
           "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
-RUN yarn plugin import workspace-tools
-RUN yarn workspaces focus --production && yarn rebuild",
-          "DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node www/package.json /app/www/package.json
-COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
-COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
-COPY --chown=node:node .yarn /app/.yarn",
-          "DOCKER_DIR": ".",
           "DOCKER_DRIVER": "overlay2",
           "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
           "DOCKER_TLS_CERTDIR": "",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "2Gi",
@@ -767,15 +802,15 @@ COPY --chown=node:node .yarn /app/.yarn",
       "www 🚀 Deploy | review ": {
         "allow_failure": false,
         "artifacts": {
-          "paths": [
-            "____envvars.yaml",
-          ],
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
         },
         "environment": {
           "auto_stop_in": "1 week",
-          "name": "review/some-commit/www",
+          "name": "review/$CI_COMMIT_REF_NAME/www",
           "on_stop": "www 🛑 Stop ⚠️ | review ",
-          "url": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -818,87 +853,103 @@ COPY --chown=node:node .yarn /app/.yarn",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="review"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="review"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_review_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_review_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
           "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
           "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
           "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
+          "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
+          "cat > ____envvars.yaml <<EOF
+ENV_SHORT: |-
+  review
+APP_DIR: |-
+  www
+ENV_TYPE: |-
+  review
+BUILD_INFO_BUILD_ID: |-
+$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/  /')
+BUILD_INFO_BUILD_TIME: |-
+$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/  /')
+BUILD_INFO_CURRENT_VERSION: |-
+$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/  /')
+HOST: |-
+$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL: |-
+$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_INTERNAL: |-
+$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_CANONICAL: |-
+$(printf %s "$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL_INTERNAL: |-
+$(printf %s "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+DEPLOY_CLOUD_RUN_PROJECT_ID: |-
+  asdf
+DEPLOY_CLOUD_RUN_REGION: |-
+  asia-east1
+GCLOUD_RUN_canonicalHostSuffix: |-
+$(printf %s "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/  /')
+_ALL_ENV_VAR_KEYS: |-
+  ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
+
+EOF
+",
+          "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
-          "echo "$ENV_VARS" > ____envvars.yaml",
-          "gcloud run deploy pan-test-app-review-mr1234-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=pan-test-app-review-mr1234-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
+          "gcloud run deploy $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }):$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=review,env-name=review,build-type=node,cloud-run-service-name=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
           "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
-          "gcloud run revisions list --project=asdf --region=asia-east1 --service=pan-test-app-review-mr1234-www --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done",
-          "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234 --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234@$version --quiet --delete-tags; done",
+          "gcloud run revisions list --project=asdf --region=asia-east1 --service=$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --limit=unlimited --sort-by=metadata.creationTimestamp --format="value(name)" --filter='(status.conditions.status=False OR status.conditions.status=Unknown)' | while read -r revisionname; do gcloud run revisions delete --project=asdf --region=asia-east1 --quiet $revisionname ; done",
+          "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })@$version --quiet --delete-tags; done",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "set +e",
           "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www --quiet --delete-tags",
           "set -e",
           "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
           "echo Uploading SBOM to Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://pan-test-app-review-mr1234-www-unknown-host.example.com" "__sbom.json" vex.json || true",
-        ],
-        "services": [
-          {
-            "command": [
-              "--tls=false",
-            ],
-            "name": "docker:24.0.6-dind",
-          },
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "deploy review",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_DRIVER": "overlay2",
-          "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
-          "DOCKER_TLS_CERTDIR": "",
-          "ENV_SHORT": "review",
-          "ENV_TYPE": "review",
-          "ENV_VARS": "ENV_SHORT: 'review'
-APP_DIR: 'www'
-ENV_TYPE: 'review'
-BUILD_INFO_ID: 'some-id'
-BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
-BUILD_INFO_CURRENT_VERSION: '3.2.1'
-HOST: 'pan-test-app-review-mr1234-www-unknown-host.example.com'
-ROOT_URL: 'https://pan-test-app-review-mr1234-www-unknown-host.example.com'
-HOST_CANONICAL: 'pan-test-app-review-mr1234-www-unknown-host.example.com'
-ROOT_URL_INTERNAL: 'https://pan-test-app-review-mr1234-www-unknown-host.example.com'
-HOST_INTERNAL: 'pan-test-app-review-mr1234-www-unknown-host.example.com'
-DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
-DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
-GCLOUD_RUN_canonicalHostSuffix: '$CL_review_www_GCLOUD_RUN_canonicalHostSuffix'
-_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
-",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_review_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_review_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-review-mr1234-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
           "KUBERNETES_MEMORY_REQUEST": "200Mi",
-          "ROOT_URL": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🛑 Stop ⚠️ | review ": {
+        "allow_failure": true,
+        "artifacts": {
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
+        },
         "environment": {
           "action": "stop",
-          "name": "review/some-commit/www",
-          "url": "https://pan-test-app-review-mr1234-www-unknown-host.example.com",
+          "name": "review/$CI_COMMIT_REF_NAME/www",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -912,31 +963,32 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         },
         "rules": [
           {
-            "allow_failure": true,
             "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
             "when": "on_success",
           },
           {
-            "allow_failure": true,
             "when": "manual",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "set +e",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_review_www_GCLOUD_DEPLOY_credentialsKey")",
-          "gcloud run services delete pan-test-app-review-mr1234-www --project=asdf --region=asia-east1",
-          "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/mr1234 --quiet --delete-tags",
+          "gcloud run services delete $(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www" | awk '{print tolower($0)}') --project=asdf --region=asia-east1",
+          "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www/$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; }) --quiet --delete-tags",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "set +e",
           "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/review/www --quiet --delete-tags",
           "set -e",
           "echo Disabling component in Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://pan-test-app-review-mr1234-www-unknown-host.example.com" || true",
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
           "set -e",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-review-$([ -n "$CI_MERGE_REQUEST_IID" ] && echo "mr$CI_MERGE_REQUEST_IID" || { [ -n "$CI_COMMIT_REF_SLUG" ] && echo "$CI_COMMIT_REF_SLUG" || echo "unknown"; })-www-$CL_review_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "stop review",
         "variables": {
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
           "GIT_STRATEGY": "none",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
@@ -956,12 +1008,14 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "cd www",
           "yarn npm audit --environment production",
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -995,6 +1049,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export APP_PATH="www"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -1011,7 +1068,6 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "test",
         "variables": {
-          "APP_PATH": "www",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
@@ -1035,6 +1091,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
         ],
         "stage": "build",
@@ -1087,7 +1145,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
     ],
     "variables": {
       "FF_USE_FASTZIP": "true",
-      "GIT_DEPTH": 1,
+      "GIT_DEPTH": "1",
     },
     "workflow": {
       "rules": [
@@ -1164,7 +1222,25 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
-          "echo '{"id":"some-id","time":"01-01-2023 12:13:14"}' > www/__build_info.json",
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="prod"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="prod"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
+          "echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -1181,25 +1257,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "ENV_SHORT": "prod",
-          "ENV_TYPE": "prod",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-prod-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-prod-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-prod-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
-          "ROOT_URL": "https://pan-test-app-prod-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-prod-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🔨 app | stage ": {
@@ -1249,7 +1309,25 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
-          "echo '{"id":"some-id","time":"01-01-2023 12:13:14"}' > www/__build_info.json",
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="stage"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="stage"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
+          "echo '{"id":"$(git describe --tags 2>/dev/null || git rev-parse HEAD)","time":"$CI_JOB_STARTED_AT"}' > www/__build_info.json",
           "echo -e "\\e[0Ksection_start:$(date +%s):nodeinstall[collapsed=true]\\r\\e[0KEnsure node version"",
           "if [ -f ~/.nvm/nvm.sh ];  then source ~/.nvm/nvm.sh; fi",
           "if command -v nvm &> /dev/null && [ -f ./.nvmrc ]; then nvm install; fi",
@@ -1266,25 +1344,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "ENV_SHORT": "stage",
-          "ENV_TYPE": "stage",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-stage-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-stage-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-stage-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "4Gi",
           "KUBERNETES_MEMORY_REQUEST": "2Gi",
-          "ROOT_URL": "https://pan-test-app-stage-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-stage-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🔨 docker | prod ": {
@@ -1310,6 +1372,23 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"",
+          "export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"",
+          "export APP_DIR="www"",
+          "export DOCKER_DIR="."",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
+RUN yarn plugin import workspace-tools
+RUN yarn workspaces focus --production && yarn rebuild"",
+          "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
+COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
+COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
+COPY --chown=node:node .yarn /app/.yarn"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "ensureNodeDockerfile",
           "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
@@ -1334,24 +1413,9 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "DOCKERFILE_ADDITIONS": "RUN apk add --no-cache openssl1.1-compat-dev",
-          "DOCKERFILE_ADDITIONS_END": "RUN yarn rebuild",
           "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
-RUN yarn plugin import workspace-tools
-RUN yarn workspaces focus --production && yarn rebuild",
-          "DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node www/package.json /app/www/package.json
-COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
-COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
-COPY --chown=node:node .yarn /app/.yarn",
-          "DOCKER_DIR": ".",
           "DOCKER_DRIVER": "overlay2",
           "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
           "DOCKER_TLS_CERTDIR": "",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "2Gi",
@@ -1381,6 +1445,23 @@ COPY --chown=node:node .yarn /app/.yarn",
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export DOCKERFILE_ADDITIONS="RUN apk add --no-cache openssl1.1-compat-dev"",
+          "export DOCKERFILE_ADDITIONS_END="RUN yarn rebuild"",
+          "export APP_DIR="www"",
+          "export DOCKER_DIR="."",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export DOCKER_COPY_AND_INSTALL_APP="COPY --chown=node:node $APP_DIR .
+RUN yarn plugin import workspace-tools
+RUN yarn workspaces focus --production && yarn rebuild"",
+          "export DOCKER_COPY_WORKSPACE_FILES="COPY --chown=node:node www/package.json /app/www/package.json
+COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
+COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
+COPY --chown=node:node .yarn /app/.yarn"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "ensureNodeDockerfile",
           "echo -e "\\e[0Ksection_start:$(date +%s):docker-login[collapsed=true]\\r\\e[0KDocker Login"",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
@@ -1405,24 +1486,9 @@ COPY --chown=node:node .yarn /app/.yarn",
         ],
         "stage": "build",
         "variables": {
-          "APP_DIR": "www",
-          "DOCKERFILE_ADDITIONS": "RUN apk add --no-cache openssl1.1-compat-dev",
-          "DOCKERFILE_ADDITIONS_END": "RUN yarn rebuild",
           "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_COPY_AND_INSTALL_APP": "COPY --chown=node:node $APP_DIR .
-RUN yarn plugin import workspace-tools
-RUN yarn workspaces focus --production && yarn rebuild",
-          "DOCKER_COPY_WORKSPACE_FILES": "COPY --chown=node:node www/package.json /app/www/package.json
-COPY --chown=node:node www/yarn.lock /app/www/yarn.lock
-COPY --chown=node:node .yarnrc.yml /app/.yarnrc.yml
-COPY --chown=node:node .yarn /app/.yarn",
-          "DOCKER_DIR": ".",
           "DOCKER_DRIVER": "overlay2",
           "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
           "DOCKER_TLS_CERTDIR": "",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "2Gi",
@@ -1432,15 +1498,15 @@ COPY --chown=node:node .yarn /app/.yarn",
       "www 🚀 Deploy | prod ": {
         "allow_failure": true,
         "artifacts": {
-          "paths": [
-            "____envvars.yaml",
-          ],
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
         },
         "environment": {
           "auto_stop_in": undefined,
           "name": "prod/www",
           "on_stop": "www 🛑 Stop ⚠️ | prod ",
-          "url": "https://pan-test-app-prod-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -1471,13 +1537,71 @@ COPY --chown=node:node .yarn /app/.yarn",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="prod"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="prod"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_prod_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
           "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
           "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
           "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
+          "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
+          "cat > ____envvars.yaml <<EOF
+ENV_SHORT: |-
+  prod
+APP_DIR: |-
+  www
+ENV_TYPE: |-
+  prod
+BUILD_INFO_BUILD_ID: |-
+$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/  /')
+BUILD_INFO_BUILD_TIME: |-
+$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/  /')
+BUILD_INFO_CURRENT_VERSION: |-
+$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/  /')
+HOST: |-
+$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL: |-
+$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_INTERNAL: |-
+$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_CANONICAL: |-
+$(printf %s "$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL_INTERNAL: |-
+$(printf %s "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+DEPLOY_CLOUD_RUN_PROJECT_ID: |-
+  asdf
+DEPLOY_CLOUD_RUN_REGION: |-
+  asia-east1
+GCLOUD_RUN_canonicalHostSuffix: |-
+$(printf %s "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/  /')
+_ALL_ENV_VAR_KEYS: |-
+  ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
+
+EOF
+",
+          "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
-          "echo "$ENV_VARS" > ____envvars.yaml",
           "gcloud run deploy pan-test-app-prod-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=prod,env-name=prod,build-type=node,cloud-run-service-name=pan-test-app-prod-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
           "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
@@ -1486,76 +1610,28 @@ COPY --chown=node:node .yarn /app/.yarn",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
           "echo Uploading SBOM to Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://pan-test-app-prod-www-unknown-host.example.com" "__sbom.json" vex.json || true",
-        ],
-        "services": [
-          {
-            "command": [
-              "--tls=false",
-            ],
-            "name": "docker:24.0.6-dind",
-          },
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "deploy prod",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_DRIVER": "overlay2",
-          "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
-          "DOCKER_TLS_CERTDIR": "",
-          "ENV_SHORT": "prod",
-          "ENV_TYPE": "prod",
-          "ENV_VARS": "ENV_SHORT: 'prod'
-APP_DIR: 'www'
-ENV_TYPE: 'prod'
-BUILD_INFO_ID: 'some-id'
-BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
-BUILD_INFO_CURRENT_VERSION: '3.2.1'
-HOST: 'pan-test-app-prod-www-unknown-host.example.com'
-ROOT_URL: 'https://pan-test-app-prod-www-unknown-host.example.com'
-HOST_CANONICAL: 'pan-test-app-prod-www-unknown-host.example.com'
-ROOT_URL_INTERNAL: 'https://pan-test-app-prod-www-unknown-host.example.com'
-HOST_INTERNAL: 'pan-test-app-prod-www-unknown-host.example.com'
-DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
-DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
-GCLOUD_RUN_canonicalHostSuffix: '$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix'
-_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
-",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-prod-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-prod-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-prod-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
           "KUBERNETES_MEMORY_REQUEST": "200Mi",
-          "ROOT_URL": "https://pan-test-app-prod-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-prod-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🚀 Deploy | stage ": {
         "allow_failure": false,
         "artifacts": {
-          "paths": [
-            "____envvars.yaml",
-          ],
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
         },
         "environment": {
           "auto_stop_in": undefined,
           "name": "stage/www",
           "on_stop": "www 🛑 Stop ⚠️ | stage ",
-          "url": "https://pan-test-app-stage-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -1586,13 +1662,71 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export ENV_SHORT="stage"",
+          "export APP_DIR="www"",
+          "export ENV_TYPE="stage"",
+          "export BUILD_INFO_BUILD_ID="$(git describe --tags 2>/dev/null || git rev-parse HEAD)"",
+          "export BUILD_INFO_BUILD_TIME="$CI_JOB_STARTED_AT"",
+          "export BUILD_INFO_CURRENT_VERSION="$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")"",
+          "export HOST="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_INTERNAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export HOST_CANONICAL="$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export ROOT_URL_INTERNAL="https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')"",
+          "export DEPLOY_CLOUD_RUN_PROJECT_ID="asdf"",
+          "export DEPLOY_CLOUD_RUN_REGION="asia-east1"",
+          "export GCLOUD_DEPLOY_credentialsKey="$CL_stage_www_GCLOUD_DEPLOY_credentialsKey"",
+          "export GCLOUD_RUN_canonicalHostSuffix="$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix"",
+          "export _ALL_ENV_VAR_KEYS="[\\"ENV_SHORT\\",\\"APP_DIR\\",\\"ENV_TYPE\\",\\"BUILD_INFO_BUILD_ID\\",\\"BUILD_INFO_BUILD_TIME\\",\\"BUILD_INFO_CURRENT_VERSION\\",\\"HOST\\",\\"ROOT_URL\\",\\"HOST_INTERNAL\\",\\"HOST_CANONICAL\\",\\"ROOT_URL_INTERNAL\\",\\"DEPLOY_CLOUD_RUN_PROJECT_ID\\",\\"DEPLOY_CLOUD_RUN_REGION\\",\\"GCLOUD_DEPLOY_credentialsKey\\",\\"GCLOUD_RUN_canonicalHostSuffix\\"]"",
+          "export DOCKER_REGISTRY="asia-east1-docker.pkg.dev"",
+          "export DOCKER_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www"",
+          "export DOCKER_CACHE_IMAGE="asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www"",
+          "export DOCKER_IMAGE_TAG="$CI_COMMIT_SHA"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):prepare[collapsed=true]\\r\\e[0KPrepare..."",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
           "export GCLOUD_PROJECT_NUMBER=$(gcloud projects describe asdf --format="value(projectNumber)")",
           "echo "GCLOUD_PROJECT_NUMBER: $GCLOUD_PROJECT_NUMBER"",
           "echo -e "\\e[0Ksection_end:$(date +%s):prepare\\r\\e[0K"",
+          "echo -e "\\e[0Ksection_start:$(date +%s):writeenvvars[collapsed=true]\\r\\e[0KWrite env vars to file"",
+          "cat > ____envvars.yaml <<EOF
+ENV_SHORT: |-
+  stage
+APP_DIR: |-
+  www
+ENV_TYPE: |-
+  stage
+BUILD_INFO_BUILD_ID: |-
+$(printf %s "$(git describe --tags 2>/dev/null || git rev-parse HEAD)" | sed 's/^/  /')
+BUILD_INFO_BUILD_TIME: |-
+$(printf %s "$CI_JOB_STARTED_AT" | sed 's/^/  /')
+BUILD_INFO_CURRENT_VERSION: |-
+$(printf %s "$(tag=$(git ls-remote origin "refs/tags/v*[0-9]" 2>/dev/null | cut -f 2- | sort -V | tail -1 | sed 's/refs\\/tags\\///'); [ -z "$tag" ] && echo "v0.0.0" || echo "$tag")" | sed 's/^/  /')
+HOST: |-
+$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL: |-
+$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_INTERNAL: |-
+$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+HOST_CANONICAL: |-
+$(printf %s "$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+ROOT_URL_INTERNAL: |-
+$(printf %s "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" | sed 's/^/  /')
+DEPLOY_CLOUD_RUN_PROJECT_ID: |-
+  asdf
+DEPLOY_CLOUD_RUN_REGION: |-
+  asia-east1
+GCLOUD_RUN_canonicalHostSuffix: |-
+$(printf %s "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | sed 's/^/  /')
+_ALL_ENV_VAR_KEYS: |-
+  ["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_BUILD_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_INTERNAL","HOST_CANONICAL","ROOT_URL_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]
+
+EOF
+",
+          "echo -e "\\e[0Ksection_end:$(date +%s):writeenvvars\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):deploy[collapsed=true]\\r\\e[0KDeploy to cloud run"",
-          "echo "$ENV_VARS" > ____envvars.yaml",
           "gcloud run deploy pan-test-app-stage-www --command="yarn,start" --image=asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www:$DOCKER_IMAGE_TAG --project=asdf --region=asia-east1 --labels=customer-name=pan,component-name=www,app-name=test-app,env-type=stage,env-name=stage,build-type=node,cloud-run-service-name=pan-test-app-stage-www --env-vars-file=____envvars.yaml --min-instances=0 --max-instances=100 --cpu-throttling --allow-unauthenticated --ingress=all --cpu-boost",
           "echo -e "\\e[0Ksection_end:$(date +%s):deploy\\r\\e[0K"",
           "echo -e "\\e[0Ksection_start:$(date +%s):cleanup[collapsed=true]\\r\\e[0KCleanup"",
@@ -1601,69 +1735,27 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo -e "\\e[0Ksection_end:$(date +%s):cleanup\\r\\e[0K"",
           "echo Uploading SBOM to Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://pan-test-app-stage-www-unknown-host.example.com" "__sbom.json" vex.json || true",
-        ],
-        "services": [
-          {
-            "command": [
-              "--tls=false",
-            ],
-            "name": "docker:24.0.6-dind",
-          },
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" upload "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" "__sbom.json" vex.json || true",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "deploy stage",
         "variables": {
-          "APP_DIR": "www",
-          "BUILD_INFO_BUILD_TIME": "01-01-2023 12:13:14",
-          "BUILD_INFO_CURRENT_VERSION": "3.2.1",
-          "BUILD_INFO_ID": "some-id",
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
-          "DEPLOY_CLOUD_RUN_PROJECT_ID": "asdf",
-          "DEPLOY_CLOUD_RUN_REGION": "asia-east1",
-          "DOCKER_BUILDKIT": "1",
-          "DOCKER_CACHE_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www",
-          "DOCKER_DRIVER": "overlay2",
-          "DOCKER_HOST": "tcp://0.0.0.0:2375",
-          "DOCKER_IMAGE": "asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www",
-          "DOCKER_IMAGE_TAG": "$CI_COMMIT_SHA",
-          "DOCKER_REGISTRY": "asia-east1-docker.pkg.dev",
-          "DOCKER_TLS_CERTDIR": "",
-          "ENV_SHORT": "stage",
-          "ENV_TYPE": "stage",
-          "ENV_VARS": "ENV_SHORT: 'stage'
-APP_DIR: 'www'
-ENV_TYPE: 'stage'
-BUILD_INFO_ID: 'some-id'
-BUILD_INFO_BUILD_TIME: '01-01-2023 12:13:14'
-BUILD_INFO_CURRENT_VERSION: '3.2.1'
-HOST: 'pan-test-app-stage-www-unknown-host.example.com'
-ROOT_URL: 'https://pan-test-app-stage-www-unknown-host.example.com'
-HOST_CANONICAL: 'pan-test-app-stage-www-unknown-host.example.com'
-ROOT_URL_INTERNAL: 'https://pan-test-app-stage-www-unknown-host.example.com'
-HOST_INTERNAL: 'pan-test-app-stage-www-unknown-host.example.com'
-DEPLOY_CLOUD_RUN_PROJECT_ID: 'asdf'
-DEPLOY_CLOUD_RUN_REGION: 'asia-east1'
-GCLOUD_RUN_canonicalHostSuffix: '$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix'
-_ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]'
-",
-          "GCLOUD_DEPLOY_credentialsKey": "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey",
-          "GCLOUD_RUN_canonicalHostSuffix": "$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix",
-          "HOST": "pan-test-app-stage-www-unknown-host.example.com",
-          "HOST_CANONICAL": "pan-test-app-stage-www-unknown-host.example.com",
-          "HOST_INTERNAL": "pan-test-app-stage-www-unknown-host.example.com",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
           "KUBERNETES_MEMORY_REQUEST": "200Mi",
-          "ROOT_URL": "https://pan-test-app-stage-www-unknown-host.example.com",
-          "ROOT_URL_INTERNAL": "https://pan-test-app-stage-www-unknown-host.example.com",
-          "_ALL_ENV_VAR_KEYS": "["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INFO_BUILD_TIME","BUILD_INFO_CURRENT_VERSION","HOST","ROOT_URL","HOST_CANONICAL","ROOT_URL_INTERNAL","HOST_INTERNAL","DEPLOY_CLOUD_RUN_PROJECT_ID","DEPLOY_CLOUD_RUN_REGION","GCLOUD_DEPLOY_credentialsKey","GCLOUD_RUN_canonicalHostSuffix"]",
         },
       },
       "www 🛑 Stop ⚠️ | prod ": {
+        "allow_failure": true,
+        "artifacts": {
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
+        },
         "environment": {
           "action": "stop",
           "name": "prod/www",
-          "url": "https://pan-test-app-prod-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -1677,28 +1769,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         },
         "rules": [
           {
-            "allow_failure": true,
             "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
             "when": "on_success",
           },
           {
-            "allow_failure": true,
             "when": "manual",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "set +e",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_prod_www_GCLOUD_DEPLOY_credentialsKey")",
           "gcloud run services delete pan-test-app-prod-www --project=asdf --region=asia-east1",
           "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/prod/www --quiet --delete-tags",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo Disabling component in Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://pan-test-app-prod-www-unknown-host.example.com" || true",
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
           "set -e",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-prod-www-$CL_prod_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "stop prod",
         "variables": {
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
           "GIT_STRATEGY": "none",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
@@ -1706,10 +1799,16 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         },
       },
       "www 🛑 Stop ⚠️ | stage ": {
+        "allow_failure": true,
+        "artifacts": {
+          "reports": {
+            "dotenv": "gitlab_environment.env",
+          },
+        },
         "environment": {
           "action": "stop",
           "name": "stage/www",
-          "url": "https://pan-test-app-stage-www-unknown-host.example.com",
+          "url": "$CL_GITLAB_ENVIRONMENT_URL",
         },
         "image": "path/to/docker/gcloud:the-version",
         "interruptible": true,
@@ -1723,28 +1822,29 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
         },
         "rules": [
           {
-            "allow_failure": true,
             "if": "$CI_COMMIT_BRANCH =~ /^[0-9]+\\.([0-9]+|x)\\.x$/",
             "when": "on_success",
           },
           {
-            "allow_failure": true,
             "when": "manual",
           },
         ],
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "export CLOUDSDK_CORE_DISABLE_PROMPTS="1"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "set +e",
           "gcloud auth activate-service-account --key-file=<(echo "$CL_stage_www_GCLOUD_DEPLOY_credentialsKey")",
           "gcloud run services delete pan-test-app-stage-www --project=asdf --region=asia-east1",
           "gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/stage/www --quiet --delete-tags",
           "gcloud artifacts docker images list asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www --sort-by=~CREATE_TIME --format="value(version)" | tail -n +2 | while read -r version; do gcloud artifacts docker images delete asia-east1-docker.pkg.dev/asdf/catladder-deploy/pan-test-app/caches/www@$version --quiet --delete-tags; done",
           "echo Disabling component in Dependency Track",
-          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://pan-test-app-stage-www-unknown-host.example.com" || true",
+          "/dtrackuploader https://dep.panter.swiss/ "$DT_KEY_PROD" disable "pan-test-app/www" "https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" || true",
           "set -e",
+          "echo "CL_GITLAB_ENVIRONMENT_URL=https://$(printf %s "pan-test-app-stage-www-$CL_stage_www_GCLOUD_RUN_canonicalHostSuffix" | awk '{print tolower($0)}')" >> gitlab_environment.env",
         ],
         "stage": "stop stage",
         "variables": {
-          "CLOUDSDK_CORE_DISABLE_PROMPTS": "1",
           "GIT_STRATEGY": "none",
           "KUBERNETES_CPU_REQUEST": "0.5",
           "KUBERNETES_MEMORY_LIMIT": "400Mi",
@@ -1769,6 +1869,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
         ],
         "stage": "build",
@@ -1792,6 +1894,8 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
           ],
         },
         "script": [
+          "echo -e "\\e[0Ksection_start:$(date +%s):injectvars[collapsed=true]\\r\\e[0KInjecting variables"",
+          "echo -e "\\e[0Ksection_end:$(date +%s):injectvars\\r\\e[0K"",
           "trivy fs --quiet --format cyclonedx --output "__sbom.json" www",
         ],
         "stage": "build",
@@ -1844,7 +1948,7 @@ _ALL_ENV_VAR_KEYS: '["ENV_SHORT","APP_DIR","ENV_TYPE","BUILD_INFO_ID","BUILD_INF
     ],
     "variables": {
       "FF_USE_FASTZIP": "true",
-      "GIT_DEPTH": 1,
+      "GIT_DEPTH": "1",
     },
     "workflow": {
       "rules": [