debian-mirror-gitlab/doc/ci/secure_files/index.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

70 lines
3.5 KiB
Markdown
Raw Normal View History

2022-06-21 17:19:12 +05:30
---
stage: Verify
group: Pipeline Authoring
2022-11-25 23:54:43 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
2022-06-21 17:19:12 +05:30
type: reference
---
# Project-level Secure Files **(FREE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78227) in GitLab 14.8. [Deployed behind the `ci_secure_files` flag](../../administration/feature_flags.md), disabled by default.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available,
ask an administrator to [enable the feature flag](../../administration/feature_flags.md)
named `ci_secure_files`. Limited to 100 secure files per project. Files must be smaller
2022-11-25 23:54:43 +05:30
than 5 MB. Project-level Secure Files is an experimental feature developed by [GitLab Incubation Engineering](https://about.gitlab.com/handbook/engineering/incubation/).
Project-level Secure Files is still in development, but you can:
- [Request a feature](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=feature_request).
- [Report a bug](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=report_bug).
- [Share feedback](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=general_feedback).
2022-06-21 17:19:12 +05:30
You can securely store files for use in CI/CD pipelines as "secure files". These files
are stored securely outside of your project's repository, and are not version controlled.
It is safe to store sensitive information in these files. Secure files support both
plain text and binary file types.
2022-07-23 23:45:48 +05:30
You can manage secure files in the project settings, or with the [secure files API](../../api/secure_files.md).
2022-06-21 17:19:12 +05:30
Secure files can be [downloaded and used by CI/CD jobs](#use-secure-files-in-cicd-jobs)
2023-03-04 22:38:38 +05:30
by using the [download-secure-files](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files)
2022-06-21 17:19:12 +05:30
tool.
NOTE:
This feature is in active development and is likely to change, potentially in a breaking way.
Additional features and capabilities are planned.
## Add a secure file to a project
2022-07-23 23:45:48 +05:30
To add a secure file to a project:
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
1. On the top bar, select **Main menu > Projects** and find your project.
2022-07-23 23:45:48 +05:30
1. On the left sidebar, select **Settings > CI/CD**.
2022-08-27 11:52:29 +05:30
1. In the **Secure Files** section, select **Expand**.
2022-07-23 23:45:48 +05:30
1. Select **Upload File**.
1. Find the file to upload, select **Open**, and the file upload begins immediately.
The file shows up in the list when the upload is complete.
2022-06-21 17:19:12 +05:30
## Use secure files in CI/CD jobs
2023-03-04 22:38:38 +05:30
To use your secure files in a CI/CD job, you must use the [`download-secure-files`](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files)
2022-06-21 17:19:12 +05:30
tool to download the files in the job. After they are downloaded, you can use them
with your other script commands.
2023-03-04 22:38:38 +05:30
Add a command in the `script` section of your job to download the `download-secure-files` tool
2022-06-21 17:19:12 +05:30
and execute it. The files download into a `.secure_files` directory in the root of the project.
To change the download location for the secure files, set the path in the `SECURE_FILES_DOWNLOAD_PATH`
[CI/CD variable](../variables/index.md).
For example:
```yaml
test:
variables:
SECURE_FILES_DOWNLOAD_PATH: './where/files/should/go/'
script:
2023-03-04 22:38:38 +05:30
- curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
2022-06-21 17:19:12 +05:30
```