You can securely store up to 100 files for use in CI/CD pipelines as secure files. These files are stored securely outside of your project’s repository and are not version controlled. It is safe to store sensitive information in these files. Secure files support both plain text and binary file types but must be 5 MB or less.
You can manage secure files in the project settings, or with the secure files API.
To add a secure file to a project:
- On the left sidebar, select Search or go to and find your project.
- Select Settings > CI/CD.
- Expand the Secure Files section.
- Select Upload File.
- Find the file to upload, select Open, and the file upload begins immediately. The file shows up in the list when the upload is complete.
To use your secure files in a CI/CD job, you must use the
tool to download the files in the job. After they are downloaded, you can use them
with your other script commands.
Add a command in the
script section of your job to download the
and execute it. The files download into a
.secure_files directory in the root of the project.
To change the download location for the secure files, set the path in the
test: variables: SECURE_FILES_DOWNLOAD_PATH: './where/files/should/go/' script: - curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
download-secure-filestool are not masked in the job log output. Make sure to avoid outputting secure file contents in the job log, especially when logging output that could contain sensitive information.