Default to file for CI ENV variable type
What does this MR do and why?
As described at #29407 (comment 1211032688) using CI ENV variable type of variable
instead of file
can lead to variable content leaking into job logs which can lead to sever security incidents eg: https://gitlab.com/gitlab-sirt/incident_3555/-/issues/1#note_1368236995 This MR change default selection for CI ENV variable type to file
since it reduce a risk of unintentional selection of insecure type and causing an security breach.
Screenshots or screen recordings
on master branch
on feature branch
How to set up and validate locally
Visit http://gdk.test:3000/gitlab-org/gitlab-test/-/pipeline_schedules/new and check what is the default type of env variable pre selected in dropdown as in the movies from previous section
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.