Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Deployment variable is not reflecting in pipelines

Jaisa Ram
Jaisa Ram October 7, 2020

I am using bitbucket pipeline to deploy using S3 deploy and for invalidation of by using aws-cloudfront-invalidate.

 

I have declared some variables at repository level and some at deployment environment level. 

Here:

DISTRIBUTION_ID is a part deployment variable and during the run pipeline it is throwing error (DISTRIBUTION_ID can be a null) while invalidation pipe.

 

When I move DISTRIBUTION_ID to repository level variable, it is working.

 

I am using latest version of both pipes.

Answer
Watch
Like Be the first to like this
1054 views

1 answer

1 accepted

0 votes
Answer accepted
Halyna Berezovska
Halyna Berezovska
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 7, 2020

@Jaisa Ram can you provide the code of your pipeline? To use deployment variables you need to put the keyword to pipeline, sth like as

 

name: Deploy

deployment: production

 

BUT be aware that deployment variables overwrites repository ones.

For more details see docs:

https://support.atlassian.com/bitbucket-cloud/docs/variables-and-secrets/

Regards, Galyna

View More Comments
Jaisa Ram
Jaisa Ram October 8, 2020

Thanks @Halyna Berezovska , it works after updating deployment keyword

Like
Jaisa Ram
Jaisa Ram October 8, 2020

related to https://jira.atlassian.com/browse/BCLOUD-18261 

Like
Fernando Silva Maransatto
Fernando Silva Maransatto April 23, 2021

Hi, @Halyna Berezovska 
I'm using the same deployment variables that I'm using with the previous pipe (aws-s3-deploy) but It shows me the following errors:

✖ Validation errors:
AWS_ACCESS_KEY_ID:- null value not allowed
AWS_SECRET_ACCESS_KEY:- null value not allowed
DISTRIBUTION_ID:- null value not allowed

I had the same problem and I tried to fixed it using by moving all the variables to the repository settings.

Shouldn't aws-cloudfront-invalidate accept the deployment variables such as was-s3-deploy does?

The issue now is that it shows me the following error:

ERROR: Error creating a cloudfront invalidation

✖ Failed to create a cloudfront invalidation: An error occurred (AccessDenied) when calling the CreateInvalidation operation: User: arn:aws:iam::<iam>:user/Bitbucket is not authorized to perform: cloudfront:CreateInvalidation on resource: arn:aws:cloudfront::<iam>:distribution/<distribution_id>

Like
Halyna Berezovska
Halyna Berezovska
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 29, 2021

@Jaisa Ram regarding the last question, why if failed - the user you use in s3 and cloudfront, do not have permissions to execute Cloudfront actions. To fix this, you have to change policy (any permissions attached, inline policy etc.) attached to this user or create another user specific for cloudfront.

Could you also tell more details about using Cloudfront as second pipe with default variables feature without passing aws keys as variables (I susoect you're using this)? We need to understand the root cause why it is not working for you.

 

Also feel free to use our new Bitbucket pipelines oidc feature , where you can authenticate without using any aws keys. Example of how to use it can be found here in the first Advanced example  .

Regards, Galyna

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events