Some folks on my team have requested to put values retrieved from a secret store (AWS Secrets Manager) into the Gitlab CI “artifact” construct, and pass them along to downstream stages.
I feel like there could be potential for the values to ‘leak’ if used this way and it seems like the artifact is not meant for that kind of use-case.
Is this advisable or not? I was trying to look through the documentation on an answer to this question, and I see we could set a quick expiry on the artifacts, but I worry about whether access could be gamed through other means to get at these values when you’re not supposed to.
If the answer is yes or no, it would be nice to have the documentation call this out explicitly.