Make api POST/PUT CI/CD variable values work with curl value=@...
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Proposal
Say I want to update a project CI/CD (file) variable with curl and I do the following:
curl -s --request PUT -H @gitlab-access-header.txt https://gitlab.com/api/v4/projects/${PROJECT_ID}/variables/foo -F "value=bar"This works fine of course. But if "bar" is a sensitive value, I don't want to run this command and have the value exposed to the host as a running process (just like I didn't want the PRIVATE-TOKEN header exposed, putting the setting in gitlab-access-header.txt).
So if I put "bar" in a file named foo.txt and do this:
curl -s --request PUT -H @gitlab-access-header.txt https://gitlab.com/api/v4/projects/${PROJECT_ID}/variables/foo -F "value=@foo.txt"... it doesn't work. GitLab's api does not like this slightly modified form content (because of the extra filename= and content-type?):
--------------------------26306ef25f5095ea
Content-Disposition: form-data; name="value"; filename="foo.txt"
Content-Type: application/octet-stream
bar
--------------------------26306ef25f5095ea--The api response complains:
{"error":"value is invalid"}Can you make it work? Otherwise I have to make something like a python script to update variables, to avoid exposing the value to the host processes.