2022-06-21 17:19:12 +05:30
---
stage: Verify
2023-05-27 22:25:52 +05:30
group: Pipeline Security
2022-11-25 23:54:43 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
2022-06-21 17:19:12 +05:30
type: reference
---
# Project-level Secure Files **(FREE)**
2023-03-17 16:20:25 +05:30
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78227) in GitLab 14.8. [Deployed behind the `ci_secure_files` flag](../../administration/feature_flags.md), disabled by default.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350748) in GitLab 15.7.
2022-06-21 17:19:12 +05:30
2023-03-17 16:20:25 +05:30
Project-level Secure Files is an experimental feature developed by [GitLab Incubation Engineering ](https://about.gitlab.com/handbook/engineering/incubation/ ).
The feature is still in development, but you can:
2022-11-25 23:54:43 +05:30
- [Request a feature ](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=feature_request ).
- [Report a bug ](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=report_bug ).
- [Share feedback ](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=general_feedback ).
2022-06-21 17:19:12 +05:30
2023-03-17 16:20:25 +05:30
You can securely store up to 100 files for use in CI/CD pipelines as "secure files". These files
2022-06-21 17:19:12 +05:30
are stored securely outside of your project's repository, and are not version controlled.
It is safe to store sensitive information in these files. Secure files support both
2023-03-17 16:20:25 +05:30
plain text and binary file types, but must be 5 MB or less.
2022-06-21 17:19:12 +05:30
2022-07-23 23:45:48 +05:30
You can manage secure files in the project settings, or with the [secure files API ](../../api/secure_files.md ).
2022-06-21 17:19:12 +05:30
Secure files can be [downloaded and used by CI/CD jobs ](#use-secure-files-in-cicd-jobs )
2023-03-04 22:38:38 +05:30
by using the [download-secure-files ](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files )
2022-06-21 17:19:12 +05:30
tool.
## Add a secure file to a project
2022-07-23 23:45:48 +05:30
To add a secure file to a project:
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
1. On the top bar, select **Main menu > Projects** and find your project.
2022-07-23 23:45:48 +05:30
1. On the left sidebar, select **Settings > CI/CD** .
2022-08-27 11:52:29 +05:30
1. In the **Secure Files** section, select **Expand** .
2022-07-23 23:45:48 +05:30
1. Select **Upload File** .
1. Find the file to upload, select **Open** , and the file upload begins immediately.
The file shows up in the list when the upload is complete.
2022-06-21 17:19:12 +05:30
## Use secure files in CI/CD jobs
2023-03-04 22:38:38 +05:30
To use your secure files in a CI/CD job, you must use the [`download-secure-files` ](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files )
2022-06-21 17:19:12 +05:30
tool to download the files in the job. After they are downloaded, you can use them
with your other script commands.
2023-03-04 22:38:38 +05:30
Add a command in the `script` section of your job to download the `download-secure-files` tool
2022-06-21 17:19:12 +05:30
and execute it. The files download into a `.secure_files` directory in the root of the project.
To change the download location for the secure files, set the path in the `SECURE_FILES_DOWNLOAD_PATH`
[CI/CD variable ](../variables/index.md ).
For example:
```yaml
test:
variables:
SECURE_FILES_DOWNLOAD_PATH: './where/files/should/go/'
script:
2023-03-04 22:38:38 +05:30
- curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
2022-06-21 17:19:12 +05:30
```