๐ Example You Gave:
DOCKER_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
Code language: JavaScript (javascript)
๐น Explanation:
| Variable | Purpose |
|---|---|
CI_REGISTRY_IMAGE | Built-in CI variable โ the full image path for your projectโs Container Registry (e.g., registry.gitlab.com/mygroup/myproject) |
CI_COMMIT_REF_SLUG | Built-in CI variable โ a simplified, URL-safe version of your branch/tag name (e.g., main, feature-login) |
DOCKER_IMAGE | Custom variable created inside gitlab-ci.yml by using other variables |
โก๏ธ This means you’re building something like:
DOCKER_IMAGE=registry.gitlab.com/mygroup/myproject:main
๐ฆ Ways to Define Variables in GitLab
Here are all the places where you can define and use GitLab CI/CD variables, and how they behave:
1. ๐งพ gitlab-ci.yml (Project-Level Static)
variables:
ENV: "production"
DOCKER_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
Code language: JavaScript (javascript)
| โ
Use Case | Fixed values used across the pipeline (e.g., timeouts, env labels) |
| โ ๏ธ Security | Not encrypted; not for secrets |
| ๐ Scope | Global or job-specific |
2. ๐ GitLab UI โ Project Settings > CI/CD > Variables
GitLab.com path: Project โ Settings โ CI/CD โ Variables
| โ
Use Case | Store secrets, API keys, tokens, passwords |
| ๐ Security | Encrypted at rest, not visible in job logs by default |
| ๐ง Scope | Project, group, or environment |
| ๐ Runtime options | Protect (only runs on protected branches/tags), Mask (hide value), File (export as file) |
3. ๐ Group-Level CI/CD Variables
Group โ Settings โ CI/CD โ Variables
| โ
Use Case | Share CI/CD secrets across multiple projects in a group |
| ๐ฆ Example | Docker credentials, shared API tokens |
| ๐ Inherited by | All projects within the group/subgroup (unless overridden) |
4. ๐ง Environment-Specific Variables (Scoped)
In the UI, add a variable and set its scope:
Key: AWS_KEY
Environment scope: staging
| โ
Use Case | Different values for dev, staging, production |
| โ ๏ธ Behavior | Used only in jobs running for that environment |
| ๐ Tip | Use environment: keyword in job to match |
5. ๐งช Job-Level Variable Overrides
deploy_prod:
stage: deploy
script:
- echo $ENVIRONMENT
variables:
ENVIRONMENT: "production"
Code language: PHP (php)
| โ
Use Case | Override for one job only |
| ๐ Scope | Temporary within that job |
| ๐งฉ Can override global/project/group variables โ
|
6. โจ๏ธ Trigger Pipeline Variables (via API or UI)
Trigger pipeline with dynamic values:
curl --request POST \
--form token=TRIGGER_TOKEN \
--form ref=main \
--form "variables[RELEASE_ENV]=staging" \
https://gitlab.com/api/v4/projects/123456/trigger/pipeline
Code language: JavaScript (javascript)
| โ
Use Case | External scripts, GitOps, dynamic environments |
| ๐ฉ Value injected | At pipeline run time |
7. ๐งฑ .gitlab-ci.yml Includes + Templates
Variables can also come from included YAML:
include:
- project: 'common/ci-templates'
file: '/templates/vars.yml'
Code language: PHP (php)
โ Summary Table
| Method | Encrypted? | Scope | Best For |
|---|---|---|---|
.gitlab-ci.yml | โ | Global/Job | Static config vars, labels |
| Project UI Variables | โ | Project-wide | Secrets, tokens, credentials |
| Group Variables | โ | Multi-project | Shared cloud keys, API access |
| Environment-Scoped Variables | โ | Per environment | Per-env secrets (e.g., AWS creds) |
| Job-Level Variables | โ | Single job | Overrides, temp flags |
| Trigger Variables (API/UI) | โ | Pipeline runtime | GitOps, external triggers |
Would you like:
- A visual map of where each variable type fits in CI/CD flow?
- A script or
.ymltemplate showing overrides in action? - Best practices to secure variables in shared runners?
I’m Rajesh Kumar, a DevOps, SRE, DevSecOps, Cloud, and Platform Engineering expert passionate about sharing practical knowledge, real-world experiences, and industry best practices. I have worked at Cotocus and regularly write about technology, travel, investing, health, product reviews, and digital marketing through my various platforms.
I publish technical articles at DevOps School, travel stories at Holiday Landmark, stock market insights at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow, and SEO and digital marketing strategies at Wizbrand.
Find Trusted Cardiac Hospitals
Compare heart hospitals by city and services โ all in one place.
Explore Hospitals