vkuznetsov/gitlab-ci-vars-setter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gitlab-ci-vars-setter/README.md

135 lines
4.4 KiB
Markdown
Raw Permalink Blame History

# set-gitlab-vars
Universal script for setting GitLab CI/CD variables via API.
## Features
- Set variables in bulk from a YAML file or individually via CLI arguments
- Supports all GitLab variable options: environment scope, variable type (env_var/file), protected, raw, masked, masked_and_hidden, and description
- Handles both creation and update of variables (idempotent)
- Supports multiline and special characters for file and env_var types
- YAML input supports full variable configuration, including descriptions
- CLI input supports quick single variable setting
## Requirements
- Bash (Linux/macOS)
- `curl`
- `yq` (for YAML input, see [yq installation](https://github.com/mikefarah/yq/#install))
## Usage
### 1. Bulk from YAML file
```sh
export GITLAB_URL="https://gitlab.example.com"
export PROJECT=1 # or export PROJECT=owner_or_group/repo
export GITLAB_TOKEN=... # token with api scope
./set-gitlab-vars path/to/file.yml
```
#### YAML file structure
```yaml
MY_SECRET:
value: "supervalue" # required
environment_scope: "Dev" # optional
variable_type: "file" # optional (default: env_var)
protected: true # optional (default: false)
raw: false # optional (default: true)
masked: false # optional (default: false)
masked_and_hidden: false # optional (default: false)
description: "Secret for Dev" # optional (default: null)
```
### 2. Single variable via arguments
```sh
./set-gitlab-vars VAR_NAME VAR_VALUE [ENV_SCOPE] [VAR_TYPE] [PROTECTED] [RAW] [MASKED] [MASKED_AND_HIDDEN]
# Example:
./set-gitlab-vars MY_SECRET "supervalue" "Production" "file" true true false false
```
- Only `VAR_NAME` and `VAR_VALUE` are required. Other options are optional and default as in YAML.
- `description` is only supported via YAML.
### 3. Help
```sh
./set-gitlab-vars --help
```
## Required Environment Variables
- `GITLAB_URL` — GitLab address (e.g. `https://gitlab.example.com`)
- `PROJECT` — project ID or path (e.g. `1` or `owner_or_group/repo`)
- `GITLAB_TOKEN` — token with api scope
## Notes
- All boolean options (protected, raw, masked, masked_and_hidden) default to false except raw (default: true).
- For file variables, multiline and special characters are supported.
- For env_var variables, multiline values are supported via form-data.
- All options are supported both in YAML and via CLI (except description, which is YAML only).
## Error Handling
- The script will print errors and exit if required environment variables are missing or if the GitLab API returns an error.
- If a variable already exists, it will be updated instead of created.
## JSON Schema for YAML Validation
A JSON schema file `gitlab-vars-schema.json` is included in this repository. You can use it to validate your YAML variable files for correctness and completeness before applying them with `set-gitlab-vars`.
### Usage Example (with `yamllint` and `ajv`)
1. Convert your YAML to JSON (if needed):
```sh
yq -o=json path/to/file.yml > file.json
```
2. Validate with `ajv`:
```sh
ajv validate -s gitlab-vars-schema.json -d file.json
```
- The schema ensures all required fields and types are correct for each variable.
- This helps catch errors early and maintain consistency in your CI/CD variable definitions.
For more details on the schema, see the `gitlab-vars-schema.json` file.
## Yamale Schema Validation
A Yamale schema (`gitlab-vars.yamale`) is provided for validating your GitLab CI/CD variables YAML files.
### Example Usage
1. Install Yamale (if not already installed):
```sh
pip install yamale
```
2. Validate your YAML file:
```sh
yamale -s gitlab-vars.yamale path/to/your-vars.yml
```
- Each top-level key in your YAML file should be a variable name.
- The value for each variable is a mapping with the following fields:
- `value` (string, required)
- `environment_scope` (string, optional)
- `variable_type` (string, optional)
- `protected` (boolean, optional)
- `raw` (boolean, optional)
- `masked` (boolean, optional)
- `masked_and_hidden` (boolean, optional)
- `description` (string or null, optional)
#### Example YAML file
```yaml
MY_SECRET:
value: "supervalue"
environment_scope: "Dev"
variable_type: "file"
protected: true
raw: false
masked: false
masked_and_hidden: false
description: "Secret for Dev"
```
For more details, see the `gitlab-vars.yamale` file.
## License
See [LICENSE](LICENSE).
Reference in New Issue View Git Blame Copy Permalink