Using global variables to init postgres as service

Hallo there,

I’am trying to remove the defined variables from my gitlab-ci.yaml to the global variables defined in the gitlab ui under settings -> CI/CD. But the problem is, not all declared variables in my yaml are ?resolved? correctly or not on time.
My feeling is, the POSTGRES_DB variable isn’t set to the POSTGRES_DB_GLOBAL. So I get a Fatal Exception that DB “sms” is not existend. I checked twice, it is correctly set in the global variables. All global variables are protected and mask except POSTGRES_DB which is only protected due to the unmet length requirement. When I define the POSTGRES_DB staticly it works just fine. So did I miss something?
My current gitlab-ci-yaml

stages:
  - build
  - test
  - build_backend
  
variables:
  DOCKER_DRIVER: overlay2
  MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
  POSTGRES_DB: sms
  POSTGRES_USER: $POSTGRES_USER_GLOBAL 
  POSTGRES_PASSWORD: $POSTGRES_PASSWORD_GLOBAL
  POSTGRES_HOST_AUTH_METHOD: trust
  POSTGRES_HOST: $POSTGRES_USER_GLOBAL
    
cache:
  paths:
    - $CI_PROJECT_DIR/.m2/repository
    - spring/target/
    
include:
    - template: SAST.gitlab-ci.yml
    - template: Code-Quality.gitlab-ci.yml
    
spring_build:
  image: maven:3.6.3-jdk-11
  stage: build
  script: 
    - echo compiling spring project...
    - cd spring && ./mvnw -Pprod $MAVEN_OPTS compile
  
spring_test:
  image: maven:3.6.3-jdk-11
  services:
    - postgres:latest
  stage: test
  script:
    - echo verify spring application
    - cd spring && ./mvnw -Pprod $MAVEN_OPTS verify
  artifacts:
    reports:
      junit:
        - spring/target/surefire-reports/TEST-*.xml
    paths:
      - spring/target/
    expire_in: 1 week
   
code_quality:
  stage: test
  artifacts:
    reports:
      codequality: gl-code-quality-report.json
  after_script:
    - cat gl-code-quality-report.json
    
spotbugs-sast:
  script:
    - /analyzer run -compile=false
  variables:
    MAVEN_REPO_PATH: $CI_PROJECT_DIR/.m2/repository
  artifacts:
    reports:
      sast: gl-sast-report.json

spring_deploy: # not really an deployment but for now its enough. Should rather be pushing the Image to docker hub to then using it in an kub-cluster.
  image: docker:latest
  services:
   - docker:dind # Heavy security concerns due to granted root privileges by default in every container. Kaniko should be used instead.
  stage: build_backend
  script:
    - echo building spring container...
    - docker info
    - apk add docker-compose
    - docker-compose up -d --force-recreate --build spring

This actually works.
But not this:

stages:
  - build
  - test
  - build_backend
  
variables:
  DOCKER_DRIVER: overlay2
  MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
  POSTGRES_DB: $POSTGRES_DB_GLOBAL
  POSTGRES_USER: $POSTGRES_USER_GLOBAL
  POSTGRES_PASSWORD: $POSTGRES_PASSWORD_GLOBAL
  POSTGRES_HOST_AUTH_METHOD: trust
  POSTGRES_HOST: $POSTGRES_USER_GLOBAL
    
cache:
  paths:
    - $CI_PROJECT_DIR/.m2/repository
    - spring/target/
    
include:
    - template: SAST.gitlab-ci.yml
    - template: Code-Quality.gitlab-ci.yml
    
spring_build:
  image: maven:3.6.3-jdk-11
  stage: build
  script: 
    - echo compiling spring project...
    - cd spring && ./mvnw -Pprod $MAVEN_OPTS compile
  
spring_test:
  image: maven:3.6.3-jdk-11
  services:
    - postgres:latest
  stage: test
  script:
    - echo verify spring application
    - cd spring && ./mvnw -Pprod $MAVEN_OPTS verify
  artifacts:
    reports:
      junit:
        - spring/target/surefire-reports/TEST-*.xml
    paths:
      - spring/target/
    expire_in: 1 week
   
code_quality:
  stage: test
  artifacts:
    reports:
      codequality: gl-code-quality-report.json
  after_script:
    - cat gl-code-quality-report.json
    
spotbugs-sast:
  script:
    - /analyzer run -compile=false
  variables:
    MAVEN_REPO_PATH: $CI_PROJECT_DIR/.m2/repository
  artifacts:
    reports:
      sast: gl-sast-report.json

spring_deploy: # not really an deployment but for now its enough. Should rather be pushing the Image to docker hub to then using it in an kub-cluster.
  image: docker:latest
  services:
   - docker:dind # Heavy security concerns due to granted root privileges by default in every container. Kaniko should be used instead.
  stage: build_backend
  script:
    - echo building spring container...
    - docker info
    - apk add docker-compose
    - docker-compose up -d --force-recreate --build spring

Any ideas why this won’t work?