Should this deployer be generating a 'gitlab-registry' secret on the kubernetes cluster in order to be able to access images on registry against private repos?

I'm seeking to troubleshoot problems in running build pipelines with version 9.1.3 of the kubernetes-gitlab-demo implementation, as per this issue.

Since running this last (running against a version 8.16.3 of Gitlab), the kubernetes-deploy solution is now able to handle build pipelines for private projects (having previously only worked for public projects). From what I can see, this was facilitated in part by adding a gitlab-registry secret (or perhaps just mocking the creation of one?). Is this the same gitlab-registry.key that gets populated to root@gitlab-2009382607-gn67z:/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key?

This secret generation appears to have been reverted by this commit, but looks to be reinstated in master now.

Also, can I ask how all the CI_ENVIRONMENT_* variables are getting set, since if I look at the environment variables on the my runner's POD, I don't see any of these and there's nothing controlling their generation in the manifests on kubernetes-gitlab-demo either.

I came across this useful description of the different types of variables that can get set for a CI pipeline here. I'm wondering is this kubernetes-deploy expecting these to be set somewhere within a project on gitlab for pipelines to work?