Allow forked projects to access secret variables in the parent projects
Problem to solve
Born from #11934 (closed)
Issue Allow fork pipelines to run in parent project allows users to run and access pipelines in the parent project (even if they are not project members)
However, they have no access to any secrets in the parent project. Some customers may want to select some secret variables to be passed to such forked projects:
Forked projects cannot access
- Project/group-level secret variables
- Project/group-level specific runners,
- Service Integrations, by default.
Optionally, the parent project can allow forked projects to access these resources by enabling additional checkboxes.
Enterprise that uses forking workflow with GitLab
Create additional setting under CI/CD to allow to pass on variables The variables can be selected - it shouldn't be all or nothing. The selected variables should be able to be used in the forked projects, pending that the setting is enabled. If disabled, forked projects should not be able to access the secret variables.