Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

bitbucket-upload-file App password security practices

Edited
Samantha Finnigan
Samantha Finnigan Jun 17, 2020

I'm looking at bitbucket-upload-file as a potential solution to send Pipelines build results to the Downloads section of my repository.

To do this, it looks like I need to commit a BITBUCKET_APP_PASSWORD variable directly into the repository within the `bitbucket-pipelines.yml` file.

The app password would by necessity have permission to read and write to my repositories, and in using this solution, that password would be published to my (public) repository.

That seems like a Really Bad Idea. Perhaps I'm missing something? Maybe there are better password security practices which I could follow in the deployment of my built code?

Answer
Watch
Like Be the first to like this
315 views

1 answer

1 accepted

1 vote
Answer accepted
ktomk
ktomk Jun 20, 2020

@Samantha Finnigan Indeed, only use variables in the pipelines by their identifier/name and *set* them in the project settings, the second half of: https://support.atlassian.com/bitbucket-cloud/docs/variables-in-pipelines/

View More Comments
Samantha Finnigan
Samantha Finnigan Jun 20, 2020

That's exactly what I was looking for, thanks :)

Like ktomk likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket Pipelines
Bitbucket Pipelines
TAGS
Community showcase
Maggie Norby Adams
Maggie Norby Adams
Published in Apps & Integrations

🍻🍂Apptoberfest Update: Upcoming Virtual Events 🎉

Hello Community! I hope you've been enjoying the 🍂Apptoberfestivities🍂 (I know I have!) The event is heating up next week with a series of virtual events that we're calling the 🍻🍂Partner App ...

173 views 3 14
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you