We are trying to utilize an external container orchestration system in our GitLab CI. The problem that we’ve run into is that we’d like the GitLab CI pipeline to be able to authenticate as the user who triggered the build, by manual trigger (think, deployment to production) or by pushing a commit.
Please correct me if I’m wrong, but the problem seems to be one of getting user-specific secrets into the build. Project secret variables aren’t not user-specific, and the few user-specific variables (GITLAB_USER_ID
, GITLAB_USER_EMAIL
) are not secret (and, therefore, not sufficient for authentication).
I’m curious what the community thinks about another level of variables, in addition to the ones in the list here:
- Trigger variables (take precedence over all)
- Secret variables
- YAML-defined job-level variables
- YAML-defined global variables
- Deployment variables
- Predefined variables (are the lowest in the chain)
Consider that user profiles could also possess variables that would be injected into the build, alongside existing secret (project) variables (second item in the above list).
There are some problems with this… as noted in the link above, it is up to the build pipeline to maintain the secrecy of these; this may be even more important when they are tied to a specific user.
Related to this, a user may not want all projects to have access to all (or any) variables. You can imagine many complicated schemes for tracking this, but a simple one would be that trusted projects have access to all of your user variables and that (default) untrusted projects have access to none of them.
Thoughts?