{"id":17888622,"url":"https://github.com/l-with/devops-gitlab-ci-artifacts","last_synced_at":"2026-05-03T02:39:52.315Z","repository":{"id":39986498,"uuid":"456113772","full_name":"l-with/DevOps-GitLab-CI-Artifacts","owner":"l-with","description":null,"archived":false,"fork":false,"pushed_at":"2024-04-14T16:36:18.000Z","size":173,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-04-17T21:18:55.647Z","etag":null,"topics":["gitlab","gitlab-ci","trivy","vault"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/l-with.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-02-06T10:05:09.000Z","updated_at":"2024-04-30T21:53:39.790Z","dependencies_parsed_at":"2024-04-14T17:46:10.864Z","dependency_job_id":"40f27d49-d5dc-416c-8e20-7a95a9c41bc4","html_url":"https://github.com/l-with/DevOps-GitLab-CI-Artifacts","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/l-with%2FDevOps-GitLab-CI-Artifacts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/l-with%2FDevOps-GitLab-CI-Artifacts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/l-with%2FDevOps-GitLab-CI-Artifacts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/l-with%2FDevOps-GitLab-CI-Artifacts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/l-with","download_url":"https://codeload.github.com/l-with/DevOps-GitLab-CI-Artifacts/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246927839,"owners_count":20856198,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gitlab","gitlab-ci","trivy","vault"],"created_at":"2024-10-28T13:37:59.714Z","updated_at":"2026-05-03T02:39:47.280Z","avatar_url":"https://github.com/l-with.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# gitlab-ci.yml\n\nGitLab CI templates and snippets\n\n## terraform\n\nThe CI templates `terraform/Terraform.gitlab-ci.yml` is based on the [GitLab terraform CI template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml).\nFollowing these templates the terraform lock file `.terraform-lock.hcl` is not part of the cache and should be part of the repository.\n\nThe template modifies the [GitLab terraform CI template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml) so that the [GitLab flow](https://docs.gitlab.com/ee/topics/gitlab_flow.html#introduction-to-gitlab-flow) can be used (s. example project [GitLab Terraform GitLab Flow](https://gitlab.with.de/try/gitlab-terraform-gitlab-flow)).\n\nThe template is based on `terraform/Terraform.base.gitlab-ci.yml` and includes the header yaml and a yaml for each job:\n\n- ['/terraform/Terraform.base.gitlab-ci.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.header.yml)\n- ['/terraform/Terraform.gitlab-ci.header.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.header.yml)\n- ['/terraform/Terraform.gitlab-ci.job-fmt.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.job-fmt.yml)\n- ['/terraform/Terraform.gitlab-ci.job-validate.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.job-validate.yml)\n- ['/terraform/Terraform.gitlab-ci.job-build.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.job-build.yml)\n- ['/terraform/Terraform.gitlab-ci.job-deploy.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.job-deploy.yml)\n- ['/terraform/Terraform.gitlab-ci.job-destroy.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.gitlab-ci.job-destroy.yml)\n\nThe `destroy` job depends only on `validate` to facilitate executing `destroy` manually. If you want `destroy` to depend on `deploy` use:\n\n```yaml\ninclude:\n  - project: 'packages-and-registries/devops-ci-artifacts'\n    file:    '/terraform/Terraform.gitlab-ci.yml'\n\nimage:\n  name: lwith/gitlab-devops:latest\n\ndestroy:\n  extends:\n    - .deploy\n  needs:\n    - !reference [.deploy, needs ]\n    - deploy\n  dependencies:\n    - !reference [.deploy, dependencies]\n    - build\n```\n\nThe simplest usage is\n\n```yaml\ninclude:\n  - project: 'packages-and-registries/devops-ci-artifacts'\n    file:    '/terraform/Terraform.gitlab-ci.yml'\n\nimage:\n  name: lwith/gitlab-devops:latest\n```\n\nA CI with extra before scripts in the deploy job is the following\n\n```yaml\ninclude:\n  - project: 'packages-and-registries/devops-ci-artifacts'\n    file:    '/terraform/Terraform.gitlab-ci.yml'\n\nimage:\n  name: lwith/gitlab-devops:latest\n\ndeploy:\n  extends: \n    - .deploy\n  before_script:\n    - !reference [.deploy, before_script]\n    - !reference [.before_script_ssh_prepare_id, before_script]\n    - !reference [.before_script_ssh_agent_add_id, before_script] \n    - !reference [.before_script_ansible_requirements, before_script] \n```\n\nThere are a couple of before_scripts that can be used by [reference-tags](https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#reference-tags) in ['/terraform/Terraform.base.gitlab-ci.before-scripts.yml'](https://gitlab.with.de/packages-and-registries/devops-ci-artifacts/-/blob/main/terraform/Terraform.base.gitlab-ci.before-scripts.yml).\n\nThe most often important ones are described here.\n\n### before_script_secrets_vars\n\n- fetches the secrets in `$TF_ROOT/secrets` from vault:\n  - `default.yml` if the file  it exists\n  - `${ENVIRONMENT}.yml` if the file it exists\n- fetches the environment variable values from `.env`-files in `$CI_PROJECT_DIR/environment``\n  - `default.env` if the file  it exists\n  - `${ENVIRONMENT}.env` if the file exists\n\nAll files are passed through [envsubst](https://linuxhandbook.com/envsubst-command/) before they are processed.\nIf the differences between the environments can be expressed through environment variables, it is possible to use only the default.*-files.\n\n### before_script_secrets_env_files\n\n- downloads the secure files\n- fetches the environment variable values from `.env`-files in `.secret_files`\n\n### before_script_vault_token\n\n- fetches a vault token for the role `${VAULT_TOKEN_ROLE}` with [vault_token.sh](#vault-token)\n\n### before_script_ansible_requirements\n\n- installs the ansible roles defined in `$ANSIBLE_PATH/ansible-requirements.yml` into `$ANSIBLE_ROLES_PATH`\n- installs the ansible collections defined in `$ANSIBLE_PATH/ansible-requirements.yml` into `$ANSIBLE_COLLECTIONS_PATH` with timeout `$ANSIBLE_GALAXY_TIMEOUT`\n\n## trivy\n\nThe CI snippet `trivy/Trivy.gitlab-ci.yml` is an adapted `Trivy.gitlab-ci.yml` from section \"GitLab CI using Trivy container\" on [GitLab CI](https://aquasecurity.github.io/trivy/v0.22.0/advanced/integrations/gitlab-ci/).\n\nThe HTML and the JSON templates are copied from [aquasecurity/trivy](https://github.com/aquasecurity/trivy/blob/main/contrib/).\n\nThe reports are placed in `$CI_PROJECT_DIR/.trivy-reports`.\n\nThe full image name has to be placed in `$FULL_IMAGE_NAME`.\n\nThe jobs are assigned to stage `scan`.\n\n## vault\n\nThe CI snippet `vault/Vault.tools.gitlab-ci.yml` combines all vault CI snippets:\n\n- [vault secrets](#vault-secrets)\n- [vault token](#vault-token)\n- [vault kv puts](#vault-kv-puts)\n- [vault kv2 patches](#vault-kv2-patches)\n\nand puts all shell scripts into artifacts.\nSome scripts use [jq](https://stedolan.github.io/jq/) and [jc](https://github.com/kellyjonbrazil/jc) and outputs commands using [vault](https://www.hashicorp.com/products/vault).\n\nThe job is assigned to stage `vault_tools_sh`.\n\nIf in a job other artifacts are defined, use\n\n```yaml\n  dependencies:\n    - vault_tools_sh\n```\n\n## vault secrets (v2)\n\nThe shell script `vault_secrets_v2.sh` uses `VAULT_ID_TOKEN` to authenticate.\nThis token must be configured in a CI job e.g. by:\n\n```yaml\n  id_tokens:\n    ID_TOKEN:\n      aud: $CI_SERVER_URL\n```\n\n## vault secrets\n\nThe CI snippet `vault/Vault.secrets.gitlab-ci.yml` (`vault/Vault.gitlab-ci.yml` is deprecated) puts the shell scripts `vault_secrets.sh` into artifacts.\nThe script uses [jq](https://stedolan.github.io/jq/) and [jc](https://github.com/kellyjonbrazil/jc) and outputs commands using [vault](https://www.hashicorp.com/products/vault).\n\nThe purpose is to simplify fetching secrets from [vault](https://www.hashicorp.com/products/vault).\n\nThe job is assigned to stage `vault_secrets_sh`.\n\nIf in a job other artifacts are defined, use\n\n```yaml\n  dependencies:\n    - vault_secrets_sh\n```\n\nto ensure fetching `vault_secrets.sh` from artifacts.\n\nThe shell script `vault_secrets.sh` interpretes a yaml file describing vault secrets, for instance:\n\n```yaml\nsecrets:\n  - VAULT_AUTH_ROLE: terraform\n    SSH_PASSPHRASE:\n      path:  gitlab/with_de\n      field: ssh_passphrase\n    SSH_PRIVATE_KEY:\n      path:  gitlab/with_de\n      field: ssh_private_key\n    TF_VAR_hcloud_token:\n      path:  gitlab/with_de\n      field: hcloud_token\n  - VAULT_AUTH_ROLE: mailcow\n    MAILCOW_ADMIN_USER:\n      mount: gitlab\n      path:  mailcow\n      field: mailcow_admin_user\n    MAILCOW_ADMIN_PASSWORD:\n      mount: gitlab\n      path:  mailcow\n      field: mailcow_admin_password\n    MAILCOW_MAILBOX_PASSWORDS:\n      mount:  gitlab\n      path:   mailcow/mailbox_passwords\n      format: json\n```\n\n`path` is mandatory, `mount`, `field` and `format` are optional.\n\nThe syntax is closely related to use the `vault kv get` command and related to [Use Vault secrets in a CI job](https://docs.gitlab.com/ee/ci/secrets/index.html#use-vault-secrets-in-a-ci-job) in GitLab Premium.\n\nThe usage is\n\n```bash\n./vault_secrets.sh \u003csecrets\u003e [option]\n```\n\nThe script by default outputs the commands to fetch the secrets described in the yaml file `secrets` from vault.\n\n`option` can be\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n* `--debug` / `-d` \u003cbr /\u003e output the commands to fetch the secrets from vault, do not use sub shell for vault and thus propagate errors\n* `--test` / `-t` \u003cbr /\u003e output the commands to fetch the secrets from vault, only try fetching secrets from vault, do not export the secrets\n* `--markdown` / `-m` \u003cbr /\u003e output a markdown table documenting the secrets\n\u003c!-- markdownlint-enable MD033 --\u003e\n\nThere are two usages:\n\n```bash\n./vault_secrets.sh secrets.yml\n```\n\nshows the commands produced by `vault_secrets.sh`.\n\n```bash\n./vault_secrets.sh secrets.yml \u003e.secrets \u0026\u0026 . .secrets \u0026\u0026 rm .secrets\n```\n\nexecutes the commands produced by `vault_secrets.sh` in the execution context.\n\nYou have to set `VAULT_ADDR` and possibly `VAULT_CACERT` for using `vault_secrets.sh`.\n\nIt is a good pratice to use [!reference tags]https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#reference-tags) by defining in the CI definition\n\n```yaml\n.before-script-vault:\n  before_script:\n    - ./vault_secrets.sh secrets.yml \u003e.secrets \u0026\u0026 . .secrets \u0026\u0026 rm .secrets\n```\n\n### Test\n\nYou can test if all secrets are accessable by\n\nThe CI snippet also puts the shell script `vault_secrets_test.sh` into artifacts.\nThis script tests if all secrets are accessable.\n\n```bash\n./vault_secrets.sh secrets.yml --test \u003e.secrets \u0026\u0026 . .secrets \u0026\u0026 rm .secrets\n```\n\n### Markdown for vault_secrets\n\nYou can output a Markdown table documenting the secrets by\n\n```bash\n./vault_secrets.sh secrets.yml --markdown\n```\n\nFor the secrets yaml example above the result is\n\n| variable | role | path | field |\n| --- | --- | --- | --- |\n| SSH_PRIVATE_KEY | terraform | gitlab/ssh | ssh_private_key |\n| TF_VAR_ssh_key_name | terraform | gitlab/ssh | ssh_key_name |\n| DNS_API_TOKEN | terraform | gitlab/dns | dns_api_token |\n| APPLICATION_REGISTRY_AUTH | application | gitlab/applications | registry_auth |\n| TEST_LONG_PATH | application | gitlab/applications/subfolder | test_long_path |\n\nThis output can pasted into the `README.md` of the project for documentation purpose.\n\n## vault token\n\nThe CI snippet `vault/Vault.token.gitlab-ci.yml` puts the shell scripts `vault_token.sh` into artifacts.\nThe script use [vault](https://www.hashicorp.com/products/vault) to fetch a vault token and exports the token.\n\nThe purpose is to simplify fetching a vault to token.\n\nThe job is assigned to stage `vault_token_sh`.\n\nIf in a job other artifacts are defined, use\n\n```yaml\n  dependencies:\n    - vault_token_sh\n```\n\nto ensure fetching `vault_token.sh` from artifacts.\n\nThe usage is\n\n```bash\n./vault_token.sh \u003cvault-auth-role\u003e [option]\n```\n\nThe shell script `vault_token.sh` fetches a vault token for the role and exports the token in the environment variable `VAULT_TOKEN`.\n\nIt is a good pratice to use [YAML anchors for scripts](https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#yaml-anchors-for-scripts) by defining in the CI definition\n\n```yaml\n.before-script-vault: \u0026before-script-vault\n  - ./vault_token.sh terraform\n```\n\n## vault kv puts\n\nThe CI snippet `vault/Vault.kv_puts.gitlab-ci.yml` puts the shell scripts `vault_kv_puts.sh` into artifacts.\nThe script uses [jq](https://stedolan.github.io/jq/) and [jc](https://github.com/kellyjonbrazil/jc) and outputs commands using [vault](https://www.hashicorp.com/products/vault).\n\nThe purpose is to simplify putting key value pairs into [vault](https://www.hashicorp.com/products/vault).\n\nThe job is assigned to stage `vault_kv_puts_sh`.\n\nIf in a job other artifacts are defined, use\n\n```yaml\n  dependencies:\n    - vault_kv_puts_sh\n```\n\nto ensure fetching `vault_kv_puts.sh` from artifacts.\n\nThe shell script `vault_kv_puts.sh` interpretes a yaml file describing vault key value pairs, for instance:\n\n```yaml\nkv_puts:\n  - VAULT_AUTH_ROLE: mailcow\n    gitlab/mailcow/kv:\n      TLSA_dns_record_value: TLSA_DNS_RECORD_VALUE\n      DKIM_dns_record_value: DKIM_DNS_RECORD_VALUE\n    gitlab/mailcow/kv2:\n      TLSA_dns_record_value2: TLSA_DNS_RECORD_VALUE2\n      DKIM_dns_record_value2: DKIM_DNS_RECORD_VALUE2\n  - VAULT_AUTH_ROLE: terraform\n    gitlab/terraform/kv:\n      TOKEN: token\n      KEY:   key\n    gitlab/terraform/kv2:\n      TOKEN2: token2\n      KEY2:   key2\n```\n\nThe usage is\n\n```bash\n./vault_kv_puts.sh \u003cvault-auth-role\u003e\n```\n\nThe script by default outputs the commands to put the key value pairs described in the yaml file `kv_puts` into vault.\n\n`option` can be\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n* `--markdown` / `-m` \u003cbr /\u003e output a markdown table documenting the key value pairs\n\u003c!-- markdownlint-enable MD033 --\u003e\n\nThere are two usages:\n\n```bash\n./vault_kv_puts.sh kv_puts.yml\n```\n\nshows the commands produced by `vault_kv_puts.sh`.\n\n```bash\n./vault_kv_puts.sh kv_puts.yml \u003e.kv_puts \u0026\u0026 . .kv_puts \u0026\u0026 rm .kv_puts\n```\n\nexecutes the commands produced by `vault_kv_puts.sh` in the execution context.\n\nYou have to set `VAULT_ADDR` and possibly `VAULT_CACERT` for using `vault_kv_puts.sh`.\n\nIt is a good pratice to use [YAML anchors for scripts](https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#yaml-anchors-for-scripts) by defining in the CI definition\n\n```yaml\n.after-script-vault: \u0026after-script-vault\n  - ./vault_kv_puts.sh kv_puts.yml \u003e.kv_puts \u0026\u0026 . .kv_puts \u0026\u0026 rm .kv_puts\n```\n\n### Markdown for vault_kv_puts\n\nYou can output a Markdown table documenting the secrets by\n\n```bash\n./vault_kv_puts.sh kv_puts.yml --markdown\n```\n\nFor the kv puts yaml example above the result is\n\n| role | path| key | value |\n| --- | --- | --- | --- |\n| mailcow | gitlab/mailcow/kv | TLSA_dns_record_value | TLSA_DNS_RECORD_VALUE |\n| mailcow | gitlab/mailcow/kv | DKIM_dns_record_value | DKIM_DNS_RECORD_VALUE |\n| mailcow | gitlab/mailcow/kv2 | TLSA_dns_record_value2 | TLSA_DNS_RECORD_VALUE2 |\n| mailcow | gitlab/mailcow/kv2 | DKIM_dns_record_value2 | DKIM_DNS_RECORD_VALUE2 |\n| terraform | gitlab/mailcow/kv | TLSA_dns_record_value | TLSA_DNS_RECORD_VALUE |\n| terraform | gitlab/mailcow/kv | DKIM_dns_record_value | DKIM_DNS_RECORD_VALUE |\n| terraform | gitlab/mailcow/kv2 | TLSA_dns_record_value2 | TLSA_DNS_RECORD_VALUE2 |\n| terraform | gitlab/mailcow/kv2 | DKIM_dns_record_value2 | DKIM_DNS_RECORD_VALUE2 |\n\nThis output can pasted into the `README.md` of the project for documentation purpose.\n\n## vault kv2 patches\n\nThe CI snippet `vault/Vault.kv2_patches.gitlab-ci.yml` puts the shell scripts `vault_kv2_patches.sh` into artifacts.\nThe script uses [jq](https://stedolan.github.io/jq/) and [jc](https://github.com/kellyjonbrazil/jc) and outputs commands using [vault](https://www.hashicorp.com/products/vault).\n\nThe purpose is to simplify putting key value pairs into [vault](https://www.hashicorp.com/products/vault).\n\nThe job is assigned to stage `vault_kv2_patches_sh`.\n\nIf in a job other artifacts are defined, use\n\n```yaml\n  dependencies:\n    - vault_kv2_patches_sh\n```\n\nto ensure fetching `vault_kv2_patches.sh` from artifacts.\n\nThe shell script `vault_kv2_patches.sh` interpretes a yaml file describing vault key value pairs, for instance:\n\n```yaml\nkv2_patches:\n  - VAULT_AUTH_ROLE: mailcow\n    TLSA_DNS_RECORD_VALUE:\n      mount: gitlab\n      path:  mailcow/kv\n      field: TLSA_dns_record_value\n    DKIM_DNS_RECORD_VALUE: \n      mount: gitlab\n      path:  mailcow/kv\n      field: DKIM_dns_record_value\n  - VAULT_AUTH_ROLE: terraform\n    TOKEN: \n      path:  gitlab/terraform/kv\n      field: token\n    KEY:\n      path:  gitlab/terraform/kv\n      field: key\n```\n\n`path` and `field` are mandatory, `mount` is optional.\n\nThe usage is\n\n```bash\n./vault_kv2_patches.sh \u003cvault-auth-role\u003e\n```\n\nThe script by default outputs the commands to put the key value pairs described in the yaml file `kv2_patches` into vault.\n\n`option` can be\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n* `--markdown` / `-m` \u003cbr /\u003e output a markdown table documenting the key value pairs\n\u003c!-- markdownlint-enable MD033 --\u003e\n\nThere are two usages:\n\n```bash\n./vault_kv2_patches.sh kv2_patches.yml\n```\n\nshows the commands produced by `vault_kv2_patches.sh`.\n\n```bash\n./vault_kv2_patches.sh kv2_patches.yml \u003e.kv2_patches \u0026\u0026 . .kv2_patches \u0026\u0026 rm .kv2_patches\n```\n\nexecutes the commands produced by `vault_kv2_patches.sh` in the execution context.\n\nYou have to set `VAULT_ADDR` and possibly `VAULT_CACERT` for using `vault_kv2_patches.sh`.\n\nIt is a good pratice to use [YAML anchors for scripts](https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#yaml-anchors-for-scripts) by defining in the CI definition\n\n```yaml\n.after-script-vault: \u0026after-script-vault\n  - ./vault_kv2_patches.sh kv2_patches.yml \u003e.kv2_patches \u0026\u0026 . .kv2_patches \u0026\u0026 rm .kv2_patches\n```\n\n### markdown\n\nYou can output a Markdown table documenting the secrets by\n\n```bash\n./vault_kv2_patches.sh kv2_patches.yml --markdown\n```\n\nFor the kv2 patches yaml example above the result is\n\n| role | path| key | value |\n| --- | --- | --- | --- |\n| mailcow | gitlab/mailcow/kv | TLSA_dns_record_value | TLSA_DNS_RECORD_VALUE |\n| mailcow | gitlab/mailcow/kv | DKIM_dns_record_value | DKIM_DNS_RECORD_VALUE |\n| mailcow | gitlab/mailcow/kv2 | TLSA_dns_record_value2 | TLSA_DNS_RECORD_VALUE2 |\n| mailcow | gitlab/mailcow/kv2 | DKIM_dns_record_value2 | DKIM_DNS_RECORD_VALUE2 |\n| terraform | gitlab/mailcow/kv | TLSA_dns_record_value | TLSA_DNS_RECORD_VALUE |\n| terraform | gitlab/mailcow/kv | DKIM_dns_record_value | DKIM_DNS_RECORD_VALUE |\n| terraform | gitlab/mailcow/kv2 | TLSA_dns_record_value2 | TLSA_DNS_RECORD_VALUE2 |\n| terraform | gitlab/mailcow/kv2 | DKIM_dns_record_value2 | DKIM_DNS_RECORD_VALUE2 |\n\nThis output can pasted into the `README.md` of the project for documentation purpose.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fl-with%2Fdevops-gitlab-ci-artifacts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fl-with%2Fdevops-gitlab-ci-artifacts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fl-with%2Fdevops-gitlab-ci-artifacts/lists"}