Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours scrolling social media and waste money on things we forget, but won’t spend 30 minutes a day earning certifications that can change our lives.
Master in DevOps, SRE, DevSecOps & MLOps by DevOpsSchool!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Gitlab: Method to Define Variables in GitLab


🔍 Example You Gave:

DOCKER_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
Code language: JavaScript (javascript)

🔹 Explanation:

VariablePurpose
CI_REGISTRY_IMAGEBuilt-in CI variable — the full image path for your project’s Container Registry (e.g., registry.gitlab.com/mygroup/myproject)
CI_COMMIT_REF_SLUGBuilt-in CI variable — a simplified, URL-safe version of your branch/tag name (e.g., main, feature-login)
DOCKER_IMAGECustom variable created inside gitlab-ci.yml by using other variables

➡️ This means you’re building something like:

DOCKER_IMAGE=registry.gitlab.com/mygroup/myproject:main

📦 Ways to Define Variables in GitLab

Here are all the places where you can define and use GitLab CI/CD variables, and how they behave:


1. 🧾 gitlab-ci.yml (Project-Level Static)

variables:
  ENV: "production"
  DOCKER_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
Code language: JavaScript (javascript)

| ✅ Use Case | Fixed values used across the pipeline (e.g., timeouts, env labels) |
| ⚠️ Security | Not encrypted; not for secrets |
| 🔁 Scope | Global or job-specific |


2. 🔒 GitLab UI → Project Settings > CI/CD > Variables

GitLab.com path: Project → Settings → CI/CD → Variables

| ✅ Use Case | Store secrets, API keys, tokens, passwords |
| 🔒 Security | Encrypted at rest, not visible in job logs by default |
| 🧠 Scope | Project, group, or environment |
| 🔄 Runtime options | Protect (only runs on protected branches/tags), Mask (hide value), File (export as file) |


3. 🌍 Group-Level CI/CD Variables

Group → Settings → CI/CD → Variables

| ✅ Use Case | Share CI/CD secrets across multiple projects in a group |
| 📦 Example | Docker credentials, shared API tokens |
| 📌 Inherited by | All projects within the group/subgroup (unless overridden) |


4. 🧠 Environment-Specific Variables (Scoped)

In the UI, add a variable and set its scope:

Key: AWS_KEY
Environment scope: staging

| ✅ Use Case | Different values for dev, staging, production |
| ⚠️ Behavior | Used only in jobs running for that environment |
| 📌 Tip | Use environment: keyword in job to match |


5. 🧪 Job-Level Variable Overrides

deploy_prod:
  stage: deploy
  script:
    - echo $ENVIRONMENT
  variables:
    ENVIRONMENT: "production"
Code language: PHP (php)

| ✅ Use Case | Override for one job only |
| 🔁 Scope | Temporary within that job |
| 🧩 Can override global/project/group variables ✅ |


6. ⌨️ Trigger Pipeline Variables (via API or UI)

Trigger pipeline with dynamic values:

curl --request POST \
  --form token=TRIGGER_TOKEN \
  --form ref=main \
  --form "variables[RELEASE_ENV]=staging" \
  https://gitlab.com/api/v4/projects/123456/trigger/pipeline
Code language: JavaScript (javascript)

| ✅ Use Case | External scripts, GitOps, dynamic environments |
| 📩 Value injected | At pipeline run time |


7. 🧱 .gitlab-ci.yml Includes + Templates

Variables can also come from included YAML:

include:
  - project: 'common/ci-templates'
    file: '/templates/vars.yml'
Code language: PHP (php)

✅ Summary Table

MethodEncrypted?ScopeBest For
.gitlab-ci.ymlGlobal/JobStatic config vars, labels
Project UI VariablesProject-wideSecrets, tokens, credentials
Group VariablesMulti-projectShared cloud keys, API access
Environment-Scoped VariablesPer environmentPer-env secrets (e.g., AWS creds)
Job-Level VariablesSingle jobOverrides, temp flags
Trigger Variables (API/UI)Pipeline runtimeGitOps, external triggers

Would you like:

  • A visual map of where each variable type fits in CI/CD flow?
  • A script or .yml template showing overrides in action?
  • Best practices to secure variables in shared runners?

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x