How do I properly handle secrets with Bamboo 6.2 onwards

As a user of Bamboo 6.2 and beyond, I've found the platform to provide robust and flexible solutions for handling secrets, ensuring the security of sensitive information in CI/CD pipelines...

@Ishika Khanna @leozilla @howt723 It seems like an identical question has been asked before at https://community.atlassian.com/t5/Bamboo-questions/How-do-I-properly-handle-secrets-with-Bamboo-6-2-onwards/qaq-p/679896

Please have a look at the discussion over there. In particular, https://marketplace.atlassian.com/1221965 might interest you.

I have the same question. Does anybody get the solution?

I am using bambo 6.10 and have exactly the same question.

When naming them something like "password", "secret" bamboo does automatically treat them as secret data, which is good but you cannot access those values in script files which is a real problem.

One workaround is to inject them manually again via a InjectVariablesTask:

```

new ScriptTask()
        .inlineBody(format("echo 'dev_secret_access_key='${bamboo_aws_dev_secret_access_key} >> %s", AWS_PROPS_FILE)),
new InjectVariablesTask().path(AWS_PROPS_FILE).namespace("aws"),
new ScriptTask().inlineBody("rm " + AWS_PROPS_FILE)

This works but its very tedious and ugly.