Protected secret variables UI inconsistent
Summary
The UI for secret/protected variables is inconsistent/buggy when dealing with the same variable names across multiple environments. There are multiple bugs/inconsistencies, they'll be highlighted in bold in the steps to reproduce.
Steps to reproduce
- Create a project w/ a CI file that creates 3 environments. I used
Integration,Pre-ProductionandProduction - Run the pipeline & wait for it to finish.
- Go to CI/CD Settings -> Secret Variables.
- Create a variable. Select Protected and Select the "Integration" environment.
- The "Environment" dropdown does not populate with the environments created via step 1. The workaround is to create a wildcard for the "Integration" environment.
- Create 2 more variables with the same name/key for the other environments (see screenshots below).
- For any of the above variables, drop down the environment and de-select the currently selected environment.
- The Environments box still shows the de-selected item. (screenshot 1)
- If you drop down the environments again, the selection is not visible (screenshot 1)
-
If you save, you will not get an error, but if you click
reveal valuesthensaveagain you'll get an error (screenshot 2)
We've seen additional errors when modifying fields other than the environment, but those seem to be more inconsistent. We've identified that modifying multiple of the variables at once causes more issues.
If you play around with different changes within the secret variables, you will see there is inconsistency in some of the above. Sometimes you'll get an error message, other times it works. It's very confusing and difficult to trust. We've had some users report they lost the updated values because it didn't save when they expected it to.
The real use case we're targeting here is managing AWS credentials depending on the environment you're targeting. It compounds the problem because you'll have 3 variables per environment. The UI behavior makes it difficult to effectively manage these.
Example Project
https://gitlab.com/joe.conrady/ci-variables-test
Feel free to use/modify the above project. It was specifically created for this issue.
Relevant logs and/or screenshots
Output of checks
Happens on GitLab.com
Possible fixes
We've found updating/creating only one entry at a time in the secret variables appears to avoid most of the above problems.
Activity
added customer+ label
This is for an Enterprise customer... https://gitlab.my.salesforce.com/00161000006g08Q
/cc: @bikebilly
Thanks for the report!
The behavior of
4depends on the fact that the list is not fetching the existing environments, but just the existing wildcards from other variables.The behavior of
6is probably not exactly what is expected, we are discussing about a UX improvement in https://gitlab.com/gitlab-org/gitlab-ee/issues/5313 that is aimed to solve these concerns.Feel free to comment further on this topic here or in the related issues.
added devopsverify label
changed milestone to %Awaiting further demand
added [deprecated] Accepting merge requests label
added grouppipeline execution label
added Category:Continuous Integration label and removed grouppipeline execution label
added grouppipeline execution label
Hey!
GitLab is moving all development for both GitLab Community Edition and Enterprise Edition into a single codebase. The current
gitlab-cerepository will become a read-only mirror, without any proprietary code. All development is moved to the currentgitlab-eerepository, which we will rename to justgitlabin the coming weeks. As part of this migration, issues will be moved to the currentgitlab-eeproject.If you have any questions about all of this, please ask them in our dedicated FAQ issue.
https://gitlab.com/gitlab-org/gitlab-ee/issues/13855You can also find more information here:
https://gitlab.com/gitlab-org/gitlab-ee/issues/13304- https://about.gitlab.com/2019/08/23/a-single-codebase-for-gitlab-community-and-enterprise-edition/
Frequently Asked Questions
For an up to date list of questions and answers, please take a look at
https://gitlab.com/gitlab-org/gitlab-ee/issues/13855What will we do with the repository names?
https://gitlab.com/gitlab-org/gitlab-ee/ will become https://gitlab.com/gitlab-org/gitlab, and https://gitlab.com/gitlab-org/gitlab-ce will become https://gitlab.com/gitlab-org/gitlab-foss.
Why rename gitlab-ce to gitlab-foss?
Using "gitlab" and "gitlab-ce" would be confusing, so we decided to rename gitlab-ce to gitlab-foss to make the purpose of this FOSS repository more clear
I created a merge requests for CE, and this got closed. What do I need to do?
You will need to create a merge request at https://gitlab.com/gitlab-org/gitlab-ee/. This link will eventually redirect to https://gitlab.com/gitlab-org/gitlab.
How does the licensing work in this new setup?
Everything in the
ee/directory is proprietary. Everything else is free and open source software. If your merge request does not change anything in theee/directory, the process of contributing changes is the same as when using the gitlab-ce repository.Will you accept merge requests on the gitlab-ce/gitlab-foss project after it has been renamed?
No. Merge requests submitted to this project will be closed automatically.
Will I still be able to view old issues and merge requests in gitlab-ce/gitlab-foss?
Yes.
How will this affect users of GitLab CE using Omnibus?
No changes will be necessary, as the packages built remain the same.
How will this affect users of GitLab CE that build from source?
Once the project has been renamed, you will need to change your Git remotes to use this new URL. GitLab will take care of redirecting Git operations so there is no hard deadline, but we recommend doing this as soon as the projects have been renamed.
Where can I see a timeline of the remaining steps?
https://gitlab.com/gitlab-org/gitlab-ee/issues/13304Will community contributions submitted to the new "gitlab" repository be available in the new gitlab-foss repository?
Yes, these changes will be synced to gitlab-foss automatically, several times per day.
