@@ -130,7 +130,7 @@ in your project structure, and let the GitLab CI template `oc apply` it.
The template processes the following steps:
1. _optionally_ executes the `os-pre-apply.sh` script in your project to perform specific environment pre-initialization (for e.g. create required services),
2. looks for your OpenShift [template](https://docs.openshift.com/container-platform/latest/openshift_images/using-templates.html) file, performs [variables substitution](#using-variables) and [`oc apply`](https://docs.openshift.com/container-platform/latest/cli_reference/openshift_cli/developer-cli-commands.html#oc-apply) it,
2. looks for your OpenShift [template](https://docs.openshift.com/container-plattform/latest/openshift_images/using-templates.html) file, performs [variables substitution](#uuuusing-variabless) and [`oc apply`](https://docs.openshift.com/container-platform/latest/cli_reference/openshift_cli/developer-cli-commands.html#oc-apply) it,
1. look for a specific `openshift-$environment_type.yml` in your project (e.g. `openshift-staging.yml` for staging environment),
2. fallbacks to default `openshift.yml`.
3. _optionally_ executes the `os-post-apply.sh` script in your project to perform specific environment post-initialization stuff,
@@ -342,12 +342,12 @@ Those variables may be freely used in downstream jobs (for instance to run accep
Here are some advices about your **secrets** (variables marked with a :lock:):
1. Manage them as [project or group CI/CD variables](https://docs.gitlab.com/ee/ci/variables/#create-a-custom-variable-in-the-ui):
*[**masked**](https://docs.gitlab.com/ee/ci/variables/#mask-a-custom-variable) to prevent them from being inadvertently
1. Manage them as [project or group CI/CD variables](https://docs.gitlab.com/ee/ci/variables/#add-a-cicd-variable-to-a-project):
*[**masked**](https://docs.gitlab.com/ee/ci/variables/#mask-a-cicd-variable) to prevent them from being inadvertently
displayed in your job logs,
*[**protected**](https://docs.gitlab.com/ee/ci/variables/#protect-a-custom-variable) if you want to secure some secrets
*[**protected**](https://docs.gitlab.com/ee/ci/variables/#protected-cicd-variables) if you want to secure some secrets
you don't want everyone in the project to have access to (for instance production secrets).
2. In case a secret contains [characters that prevent it from being masked](https://docs.gitlab.com/ee/ci/variables/#masked-variable-requirements),
2. In case a secret contains [characters that prevent it from being masked](https://docs.gitlab.com/ee/ci/variables/#mask-a-cicd-variable),
simply define its value as the [Base64](https://en.wikipedia.org/wiki/Base64) encoded value prefixed with `@b64@`:
it will then be possible to mask it and the template will automatically decode it prior to using it.
3. Don't forget to escape special characters (ex: `$` -> `$$`).
