Printing GitLab CI Environment Variables

6 min read.
Tags: ci-cdgitlab

When a GitLab CI job behaves weirdly, printing environment variables helps you see what the runner actually receives.

But do it carefully so secrets are not leaked in logs.

Basic command to print variables

Inside a CI job script:

printenv | sort

This prints all available environment variables in sorted order.

Safer debug output

To avoid exposing sensitive values, filter keys first:

printenv | grep -E '^(CI_|NODE_|NPM_|APP_)' | sort

This is safer than dumping everything blindly.

GitLab CI example job

debug:variables:
  stage: test
  script:
    - printenv | grep -E '^(CI_|NODE_|NPM_)' | sort

Run this job only when needed, then remove it.

Check one variable quickly

echo "CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH"
echo "CI_PIPELINE_SOURCE=$CI_PIPELINE_SOURCE"

This is useful when debugging branch rules and pipeline conditions.

Redact secrets in output

If you absolutely must print a value for debug, mask it:

echo "TOKEN=${MY_TOKEN:0:4}****"

Never print full tokens/passwords in CI logs.

Latest Posts