=_('Environment variables are applied to all project environments in this instance via the Runner. You can use environment variables for passwords, secret keys, etc. Make variables available to the running application by prepending the variable key with <code>K8S_SECRET_</code>. You can set variables to be:').html_safe
%ul
%li
=_('<code>Protected</code> to expose them to protected branches or tags only.').html_safe
%li
=_('<code>Masked</code> to prevent the values from being displayed in job logs (must match certain regexp requirements).').html_safe
=s_('Environment variables on this GitLab instance are configured to be %{link_start}protected%{link_end} by default').html_safe%{link_start: link_start,link_end: '</a>'.html_safe}
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14108) in GitLab 13.0.
Instance variables are useful for no longer needing to manually enter the same credentials repeatedly for all your projects. Instance-level variables are available to all projects and groups on the instance.
NOTE: **Note:**
The maximum number of instance-level variables is [planned to be 25](https://gitlab.com/gitlab-org/gitlab/-/issues/216097).
You can define instance-level variables via the UI or [API](../../api/instance_level_ci_variables.md).
To add an instance-level variable:
1. Navigate to your admin area's **Settings > CI/CD** and expand the **Variables** section.
1. Click the **Add variable** button, and fill in the details:
- **Key**: Must be one line, using only letters, numbers, or `_` (underscore), with no spaces.
- **Value**: 700 characters allowed.
- **Type**: `File` or `Variable`.
- **Protect variable** (Optional): If selected, the variable will only be available in pipelines that run on protected branches or tags.
- **Mask variable** (Optional): If selected, the variable's **Value** will not be shown in job logs. The variable will not be saved if the value does not meet the [masking requirements](#masked-variable-requirements).
After a variable is created, you can update any of the details by clicking the **{pencil}****Edit** button.
### Enable or disable UI interface for instance-level CI/CD variables
The UI interface for Instance-level CI/CD variables is under development but ready for production use.
It is deployed behind a feature flag that is **enabled by default**.
[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can opt to disable it for your instance.
NOTE: **Note:**
This feature will not work if the [instance-level CI/CD variables API feature flag is disabled](../../api/instance_level_ci_variables.md#enable-or-disable-instance-level-cicd-variables-core-only).
To disable it:
```ruby
Feature.disable(:instance_variables_ui)
```
To enable it:
```ruby
Feature.enable(:instance_variables_ui)
```
## Inherit environment variables
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22638) in GitLab 13.0.
msgid "<code>\"johnsmith@example.com\": \"johnsmith@example.com\"</code> will add \"By <a href=\"#\">johnsmith@example.com</a>\" to all issues and comments originally created by johnsmith@example.com. By default, the email address or username is masked to ensure the user's privacy. Use this option if you want to show the full email address."
msgstr ""
msgid "<code>Masked</code> to prevent the values from being displayed in job logs (must match certain regexp requirements)."
msgstr ""
msgid "<code>Protected</code> to expose them to protected branches or tags only."
msgstr ""
msgid "<namespace / project>"
msgstr ""
...
...
@@ -8489,12 +8495,18 @@ msgstr ""
msgid "Environment scope"
msgstr ""
msgid "Environment variables are applied to all project environments in this instance via the Runner. You can use environment variables for passwords, secret keys, etc. Make variables available to the running application by prepending the variable key with <code>K8S_SECRET_</code>. You can set variables to be:"
msgstr ""
msgid "Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. Additionally, they can be masked so they are hidden in job logs, though they must match certain regexp requirements to do so. You can use environment variables for passwords, secret keys, or whatever you want."
msgstr ""
msgid "Environment variables are configured by your administrator to be %{link_start}protected%{link_end} by default"
msgstr ""
msgid "Environment variables on this GitLab instance are configured to be %{link_start}protected%{link_end} by default"