I am attempting to use multi-project pipelines for security scans. I would like to store secure keys in the downstream project. Currently I can only store the variables in the upstream project.
I have tried adding the variable in both projects upstream and downstream but it only works in the upstream project. I would think that the variable hierarchy would look in the downstream project first. Any suggestions would be appreciated. Thanks.
I tried using inherit: variables: false no luck. The issue is I need to have the variable in the group level variables in order for the variable to be used. I would like it to live in the subgroup of the downstream project. I have tried it in a few locations but the downstream pipeline does not seem to recognize it unless it is in the Main Group. I might add that the Project B is only a collection of jobs triggered from the upstream pipeline in Project A. There is no gitlab-ci.yml in Project B
I am kinda lost here, how do you trigger the downstream pipeline if there is no .gitlab-ci.yml in Project B? There must be one, otherwise multi-project pipelines won’t work.
Back to the variable issues.
Let’s say you define a CI/CD variable on Subgroup B called TEST_VAR with some value.
If you use multi-project pipelines to trigger a Project B pipeline from Project A pipeline the variable TEST_VAR is accessible in all jobs in Project B pipelines.
Thanks for following up. I have a yaml file in Project B that I am calling from the trigger job in Project A
- project: 'group/subgroup/project'
I have not been able to use the variable in Project B. But the Project B job does use the variable in the Main Group variables. I have seen other anomalies with variable inheritance and manual pipeline variables when using multi-project pipelines. I will make a specific post regarding that issue though.
you are using parent-child pipelines, not multi-project pipelines. That means that the pipeline is run in scope of Project A and nothing from Project B is taken into account. This also means you can’t see any pipeline in Project B Pipelines page.