Hi all,
I’m working on tightening secrets management in our CI/CD pipelines and wondered if anyone has integrated Passbolt with GitLab CI/CD variables—either directly or via an intermediate script/tool?
We currently use GitLab’s built-in secrets, but would prefer to pull secrets securely from Passbolt to reduce duplication and improve auditing.
If anyone has tips, workflows, or even just gotchas to avoid, I’d love to hear how you approached it.
Cheers,
Jhonn Mick
Hello @jhonnmick,
We published a blog post a while ago, I reckon most of it should still be applicable today: https://www.passbolt.com/blog/gitlab-ci-cd-and-passbolt-secrets-automation
One tip I have, is to be carefull at the frequency for which you’re pulling the secrets. E.g. if if you pull every seconds or multiple times per seconds, there will be an equivalent number of logs entries. We have a task to prune secret access in this context, but in the meantime, something to think about :).
Feel free to give it a try and post your feedback and suggestions for improvement if any, we’re very keen on improving that part of passbolt.
Cheers,
