►
From YouTube: Demo project attribute "restrict_user_defined_variables"
Description
Use "restrict_user_defined_variables" project attribute to allow only Maintainer role (and above) to override variables when running pipelines manually.
Docs: https://docs.gitlab.com/ee/ci/variables/README.html#restrict-who-can-override-variables
A
Let's
see,
let's
look
at
real
quick
test
id
ndn207,
so
we
looked
at
this
project
and
we
did
a
get
on
that
project
ending
in
207,
we'll
see
in
line
90.
The
default
behavior
is
to
allow
to
make
this
false,
where
we
would
not
restrict
users
defining
variables
when
it's
set
to
false
users,
developer
roles.
For
example,
can
we
looked
at
this
project?
There's
a
developer
role
for
tau
tester,
I'm
logged
in
here
in
an
incognito
window
as
tau
tester,
so
I
should
be
able
to
entering
these
variables
override
what
was
originally
actually.
A
And
you
see
the
pipeline
is
writing
details
up
here
now.
If
I
went
in-
and
I
changed
the
parameter
to
true
so
that
we
restrict
this
value
is
true
oops
and
I'm
I'm
logged
in
I'm
doing
this
with
the
token
of
the
owner
of
that
project.
You'll
see
that
I
have
successfully
changed
restrict
to
true,
so
I
went
back
tried
to
do
the
same
thing
as
the
same
user
running
a
pipeline
on
the
test
environment
and
I
put
in
these
variables
insufficient
permission
to
set
pipeline
variables.