origin remote in .git/config in the current directory, reads your saved token, and calls the GitLab API to create the variable — or update it in place when the key already exists. The variable is masked so its value is hidden in job logs. When it finishes, it prints the project’s CI/CD settings URL where the variable can be seen.
Pushing a variable requires a GitLab token saved with gitlab:credentials:create. The token (a Personal Access Token with the api scope) is read from ~/.talos/credentials/gitlab.yml.
The host is taken from the
origin remote, so self-managed GitLab instances work too — a git@gitlab.example.com:group/app.git remote targets https://gitlab.example.com/api/v4. Nested subgroup paths (group/subgroup/project) are supported.Usage
origin remote.
Examples
Run with no flags to be prompted for the variable name and value (the value input is hidden):Options
| Option | Description | Default |
|---|---|---|
--name | Name (key) of the CI/CD variable to create or update. | Prompted if omitted |
--value | Value to store for the variable. | Prompted (hidden) if omitted |
--silent | Suppress the spinner, success message, and settings URL. | false |
.git/config, or the GitLab API rejects the request. Because the variable is created masked, the value must satisfy GitLab’s masking requirements — the API error explains what to fix when it does not.