Add namespace to presented GitLab Secrets path
What does this MR do and why?
Add namespace to presented GitLab Secrets path
When adding namespace support, we did not correctly test against runner: older versions of runner without GitLab Secrets Manager support silently ignore the keyword sent by Rails. This means a workflow like:
sample-job:
secrets:
TEST_SECRET:
gitlab_secrets_manager:
name: my_test_secret
script:
- cat $TEST_SECRETwould yield an empty output with a passing CI pipeline. This is unfortunate as it hides that the job actually (would) fail if Runner was updated.
This scenario will ultimately be covered in e2e tests.
References
See also: #554281 (closed)
See also: gitlab-runner!5918 (merged)
See also: !206291
Signed-off-by: Alexander Scheel ascheel@gitlab.com
How to set up and validate locally
- Pull a version of runner with gitlab-runner!5918 (merged)
- Enable OpenBao in GDK
- Enable secrets on a project, create a secret, add a pipeline:
sample-job: secrets: TEST_SECRET: gitlab_secrets_manager: name: my_test_secret script: - cat $TEST_SECRET | wc - Ensure
wcoutput is non-zero.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.