Show specified variables for manual pipelines after pipeline is created

Description

GitLab 10.8.0 introduced the ability for users to specify variables when running a pipeline manually. Once a pipeline is created however, the values of the specified variables are not able to be seen. This can make it difficult to fully reason about what should have happened for a manually created pipeline or where an error took place (e.g. human error through a typo).

Proposal

To address the above, users need a way to see the variables they specified when manually running a pipeline. We suggest surfacing this information on the Job Log page.

The proposed design follows the principles of being "secure by default" and "secure by design." All specified variables will be shown with their values hidden by default. Only privileged roles/users can reveal these values. We've chosen this approach for the following reasons:

• Anyone can access pipeline pages in public projects by default. Therefore, it's important to hide variable values to prevent accidental exposure of secrets added as variables in manual pipelines.
• Different security concerns exist between non-protected and protected branches/tags, as detailed in this comment thread.
• To maintain consistency with the security measures applied to CI/CD variables.

While surfacing variables on the pipeline detail page is worth considering, it could quickly introduce complexity and performance challenges as we expand to include more variables from different sources. We'll explore this opportunity in issue View the variables entered when running a manua... (#323097 - closed). We'll focus on displaying manually specified pipeline run variables in the job log for this issue.

Context

• Specify variables when executing a manual pipeline from the UI
• Resolve "Specify variables when executing a manual pipeline from the UI"

Old proposal

Include a list of variables specified solely for the pipeline in the sidebar. Poorly designed proposal sketch: