Just as David said, You can store the credentials as Gitlab variables.
In a previous project, I was skeptical about storing credentials as a Gitlab variable. I went to the lenght of storing the credentials as files inside of a password protected zip file, which was located in another password protected zip file. The gitlab variable that I had stored, was used to unzip the parent zip file, then was used with a salt factor + MD5 to unzip the folder with the credentials.
Yes, it was an overkill and too complicated. However, it was an alternative if vanilla Gitlab variable is an security issue.
Currently, I’m using vanilla Gitlab variable for the credentials and cookie.