I'm looking at bitbucket-upload-file as a potential solution to send Pipelines build results to the Downloads section of my repository.
To do this, it looks like I need to commit a BITBUCKET_APP_PASSWORD variable directly into the repository within the `
The app password would by necessity have permission to read and write to my repositories, and in using this solution, that password would be published to my (public) repository.
That seems like a Really Bad Idea. Perhaps I'm missing something? Maybe there are better password security practices which I could follow in the deployment of my built code?
@Samantha_Finnigan Indeed, only use variables in the pipelines by their identifier/name and *set* them in the project settings, the second half of: https://support.atlassian.com/bitbucket-cloud/docs/variables-in-pipelines/
...hey are a part of us, shaping how we interact with the world around us. The same holds true for programming languages when we think about how different kinds of vulnerabilities raise their heads in t...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events