如何以保存方式设置GitLab环境变量? [英] How to Setup GitLab Enviroment Variable in save way?
问题描述
我不想在我的分支中放入敏感的凭据(如API密钥,密码...).为此,GitLab(和其他CI/CD服务)能够设置环境变量.它们将在部署过程中注入到脚本中.
I don't wan't to put sensitive Credentials (Like API-Keys, passwords...) into my branch. For this, GitLab (and other CI/CD-Services) are able to set Enviroment-Variables. They will be injected on deployment-process into the Script.
我知道GitLab设置它们的两种方法:
I know about two ways for GitLab to set them:
- 通过UI(项目⇒设置⇒CI/CD⇒变量)
- 通过.gitlab-ci.yml
我认为第一种方法是安全的,因为git-repo中没有保存带有凭证的文件,所以这也是更复杂的方法...因为我必须通过GitLab-手动设置每个变量GUI
As in my opinion the first way is the secure one, because none files with credentials are saved in the git-repo, it's also the more complecated way... because I have to set each single variable by hand via GitLab-GUI
通过第二种方式,我看到了这个问题,.gitlab-ci.yml被保存到gitlab-repo中,因此凭据不安全.
With the second way I see the issue, that .gitlab-ci.yml is saved into the gitlab-repo, so the credentials are not secure.
问题:有没有一种方法可以在文件中定义ENV变量并将其提供给GitLab,而无需将其放入分支中?还是有其他方法可以在GitLab中轻松安全地创建那些ENV变量?
Question: Is there a way to define the ENV-Vars in a File and provide it to GitLab, without to put them into the branch? Or is there another way to create those ENV-Vars easy and secure in GitLab?
推荐答案
是否可以在文件中定义ENV变量?
Is there a way to define the ENV-Vars in a File?
是的,在您提到的UI设置中,您可以将变量类型指定为 variable (键:值)或 file (在Key中,路径将通过值输入的内容).
Yes, in UI settings you mentioned you can specify variables type to be variable (key:value) or file (in Key will be passed path to secret file with content from value input).
因此文件变量看起来就像您要找的东西.
So file variable seems like what you are looking for.
自述文件和
Readme and docs provide good description for variables. Personally I find very useful other options: variable masking and protected state.
这篇关于如何以保存方式设置GitLab环境变量?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
