GitLab as a Secrets Manager

### Overview

The GitLab Secrets Manager is a built-in secrets management solution for CI pipelines with the same look and feel as other UIs in GitLab. We are focused on the CI use case due to the heavy usage of secrets in this part of the software development workflow, and the limited third-party integrations available in GitLab today. Typical secrets used in the CI workflow include production access credentials, API keys, and authentication tokens.

Additionally, we want to offer a GitLab solution for:

- Customers who are not already highly integrated with a provider that offers secrets management
- Customers who are interested in keeping secrets within GitLab to limit potential external exposure
- Customers who are not interested in maintaining a separate solution outside of GitLab for the CI use case

The GitLab solution will be available for .com, Self-managed, and Dedicated product lines.

We believe that by providing a native solution that is easy to use (out of the box) and has a familiar look and feel (UI), we can drive adoption of a more secure development process and help increase the security posture of our customers.

### Vision

GitLab Secrets Manager will eliminate the need for developers to store secrets in CI variables (as these are not secure). Eventually, we want to create frictionless automation between other secrets within GitLab (i.e. access tokens) and our secrets manager, further reducing potential exposure from generating and displaying sensitive credentials.

### Roadmap/Goals

**Phase 1.0 - GA launch:** Basic secrets management for use in GitLab's CI workflows at the project level only.

- [ ] [Closed experiment](https://gitlab.com/groups/gitlab-org/-/epics/14243) - %"18.2"
- [ ] [Beta](https://gitlab.com/groups/gitlab-org/-/epics/16319) - %"18.8" (Tentative for GitLab.com and self-managed deployments via Helm chart)
- [ ] [GA launch](https://gitlab.com/groups/gitlab-org/-/epics/10723) - %"19.0"

**Phase 1.1+ - Strengthening our offering:** Post-launch, we will evaluate adoption and build additional features as we [iterate to mature](https://about.gitlab.com/direction/#maturity) our secrets manager.

- [ ] [2025-2026 planning](https://gitlab.com/groups/gitlab-org/-/epics/11483) - TBD (will be dependent on adoption of GA product)

**Phase 2.0 - Other non-CI GitLab use cases:** Using our secrets manager beyond CI with a focus on GitLab use cases, i.e. CD/Package/etc. Additional research is required before building out the secrets manager for non-CI use cases.

### Status

To stay up to date on our project plan and status for Phase 1.0, you can follow https://gitlab.com/gitlab-org/gitlab/-/issues/512190.