Use CI variables in other Files

I am using Gitlab CI/CD to deploy my application into Openshift. The application is PHP based and has a database connection in the background.
I don’t want to openly write the sensitive data like password in my PHP file.
Is there any way to store the password as a CI variable and use it outside the pipeline?
Or can I access CI variables outside the pipeline and if so how?

Hi @Citfoobar

Many frameworks have a special file for holding these sorts of environment variables and secrets, e.g. Laravel has .env. In this case, you would write your (usually masked) CI variable into the .env file in one of your pipeline jobs. For example:

    - prepare

     stage: prepare
             - .env
         expire_in: 2 weeks

Yes, like @snim2 suggested, store the variables in your Project’s CI/CD Variables (Settings → CI/CD → Variables), mask them, protect them if required and then use sed or simply echo them to .env file or similar.

If you are using some other secrets manager in your company you can also fetch them from there instead of saving in GitLab CI/CD Variables.