问题
Is there a way to export environment variables from one stage to the next in GitLab CI? I'm looking for something similar to the job artifacts feature, only for environment variables instead of files.
Let's say I'm configuring the build in a configure stage and want to store the results as (secret, protected) environment variables for the next stages to use. I could safe the configuration in files and store them as job artifacts but I'm concerned about secrets beeing made available in files than can be downloaded by everyone.
回答1:
No this feature is not here yet, but there is already an issue for this topic.
My suggestion would be that you are saving the variables in a files and cache them, as these will be not downloadable and will be removed on finish of the job.
If you want to be 100% sure you can delete it manually. See the clean_up stage.
e.g.
cache:
paths:
- save_file
stages:
- job_name_1
- job_name_2
- clean_up
job_name_1:
script:
- (your_task) >> save_file
job_name_2:
script:
- cat save_file | do_something_with_content
clean_up:
script:
- rm save_file
when: always
回答2:
Settings -> CI/CD -> Variables, from there you can add you sensitive environments.
If the environments are generated by previous stage and not so sensitive, the artifacts can be used for sure. (In this case, all users have access to the repo should be able to download the environments and read them)
In case of sensitive environments were auto generated, I guess some 3rd party system can be used to support sending environments after generated, and fetch them from later stages, e.g.
来源:https://stackoverflow.com/questions/44774520/exporting-environment-variables-from-one-stage-to-the-next-in-gitlab-ci