Gitlab Executor = ‘shell’ using APK or APT Salesforce sfdx

Hi,

We are trying to deploy Salesforce components using the CICD pipeline with sfdx commands. The current corporate runner is using shell as the executor. My understanding is that shell does not come installed with apk or apt, which are used for Salesforce deployments. Is there a way to add apk or apt to the shell executor? Or is it better to create a runner with docker or docker+machine as the executor? Thank you.

image: "docker:latest"

cache:
  key: ${CI_COMMIT_REF_NAME}
  paths:
    - .sfdx/


stages:
  - build
  - validate

before_script:
  - *sfdx_helpers

 
docker-build:
  # Use the official docker image.
  #image: docker:latest
  image: alpine:3.14
  stage: build
  services:
    - docker:dind
  variables:
    DOCKER_IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
  before_script:
    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
  # All branches are tagged with $DOCKER_IMAGE_NAME (defaults to commit ref slug)
  # Default branch is also tagged with `latest`
  script:
    - docker build --pull -t "$DOCKER_IMAGE_NAME" .
    - docker push "$DOCKER_IMAGE_NAME"
    - |
      if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
        docker tag "$DOCKER_IMAGE_NAME" "$CI_REGISTRY_IMAGE:latest"
        docker push "$CI_REGISTRY_IMAGE:latest"
      fi
  # Run this job in a branch where a Dockerfile exists
  rules:
    - if: $CI_COMMIT_BRANCH
      exists:
        - Dockerfile

Validate-Dev:
  image: docker:latest

  tags: # Used to indicate which runner(s) are allowed to run the job. A runner will only execute if it has all the included tags defined on it.

    - test

  stage: validate

  only:

    - /^Develop$/i

  except:
    variables:
      - $SANDBOX_DISABLED

  script:
    - echo test
    - install_wget
    - install_salesforce_cli
    - authenticate SANDBOX $Test

    - sfdx force:source:deploy -c -p force-app/main/default -u SANDBOX -l RunLocalTests



  function install_wget() {
    apk update && apk add --update npm && apk add bash && apk add openssh --update curl
  }




  function install_salesforce_cli() {

    # Salesforce CLI Environment Variables
    # https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_cli_env_variables.htm

    # By default, the CLI periodically checks for and installs updates.
    # Disable (false) this auto-update check to improve performance of CLI commands.
    export SFDX_AUTOUPDATE_DISABLE=false

    # Set to true if you want to use the generic UNIX keychain instead of the Linux libsecret library or macOS keychain.
    # Specify this variable when using the CLI with ssh or "headless" in a CI environment.
    export SFDX_USE_GENERIC_UNIX_KEYCHAIN=true

    # Specifies the time, in seconds, that the CLI waits for the Lightning Experience custom domain to resolve and become available in a newly-created scratch org.
    # If you get errors about My Domain not configured when you try to use a newly-created scratch org, increase this wait time.
    export SFDX_DOMAIN_RETRY=300

    # For force:package:create, disables automatic updates to the sfdx-project.json file.
    export SFDX_PROJECT_AUTOUPDATE_DISABLE_FOR_PACKAGE_CREATE=true

    # For force:package:version:create, disables automatic updates to the sfdx-project.json file.
    export SFDX_PROJECT_AUTOUPDATE_DISABLE_FOR_PACKAGE_VERSION_CREATE=true

    # Install Salesforce CLI

    #CLIURL=https://artifactory.cbp.dhs.gov/artifactory/bems-salesforce/sfdx/latestversion/sfdx-linux-amd64.tar.xz
    #CLIURL=https://developer.salesforce.com/latestversion/salesforce-cli/sfdx-linux-amd64.tar.xz
    #export CLIURL=https://developer.salesforce.com/media/salesforce-cli/sfdx/channels/stable/sfdx-linux-x64.tar.xz

    npm install sfdx-cli --global
    npm install @salesforce/cli --global

    # Output CLI version and plug-in information
    sfdx update
    sfdx --version
    sfdx plugins --core
  }

apk is a package manager available on Alpine Linux. For the shell executor, this requires that the GitLab Runner executing the CI/CD job also is running on Alpine Linux as host OS.

If your runner OS is different (e.g. Debian or Ubuntu), an alternative can be running the job in a container, using alpine as base image. There, apk is available to manage package installations. Using the docker executor requires a bit more setup on the runner host, for example installing Docker and configuring access in the runner config.
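
Added example (not from the thread or from GitLab): a POSIX shell helper a job could call to pick the package manager that matches the OS it actually runs on, which is the distinction drawn above between a shell executor on a Debian/Ubuntu host and an Alpine container. The function names are hypothetical; the package list mirrors the `install_wget` helper in the question, with `openssh-client` assumed as the Debian/Ubuntu counterpart of `openssh`.

```shell
#!/bin/sh
# Added example: pkg_manager_for, os_field and prereq_install_cmd are
# hypothetical helper names, not part of GitLab or the Salesforce CLI.

# Print the value of KEY ($1) from an os-release style FILE ($2), unquoted.
# The file is parsed with sed rather than sourced, so nothing in it is executed.
os_field() {
  sed -n "s/^$1=//p" "$2" | head -n 1 | tr -d "\"'"
}

# Print "apk", "apt" or "unknown" for the os-release file given as $1
# (default /etc/os-release). ID_LIKE is checked so derivatives are covered.
pkg_manager_for() {
  osr="${1:-/etc/os-release}"
  [ -r "$osr" ] || { echo unknown; return 0; }
  for id in $(os_field ID "$osr") $(os_field ID_LIKE "$osr"); do
    case "$id" in
      alpine)        echo apk; return 0 ;;
      debian|ubuntu) echo apt; return 0 ;;
    esac
  done
  echo unknown
}

# Print the install command for the job's prerequisites (npm, bash, ssh, curl),
# or fail when the OS has neither package manager.
prereq_install_cmd() {
  case "$1" in
    apk) echo "apk add --no-cache npm bash openssh curl" ;;
    apt) echo "apt-get update && apt-get install -y --no-install-recommends npm bash openssh-client curl" ;;
    *)   echo "unsupported OS: pre-install the tools or run the job in an alpine container" >&2
         return 1 ;;
  esac
}

# Report what this machine or container would use.
echo "package manager here: $(pkg_manager_for)"
```

With the shell executor the job runs as the runner's user directly on the host, so either install command only succeeds if that account has root rights; pre-installing the tools on the host or using the docker executor avoids granting them.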

Thank you