Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to use secret keys with pipelines?

Moe Han
Moe Han
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 13, 2016

Hello,

In my repo, I have a `keys.py` file which I do not commit to Bitbucket. Inside that, I have AWS_SECRET and etc.

Then I do like `keys.AWS_SECRET` to access those keys.

How do I do that so that I can still test using pipelines without changing much to my codebase?

 

Thanks.

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
11716 views

3 answers

3 votes
Steven Vaccarella
Steven Vaccarella
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 16, 2016

I had added this as a comment to Philip's answer, but the code sections don't seem to display correctly in a comment.

If you really want to minimise the changes to your code you could try putting your entire "keys.py" file into a single secure variable by base64-encoding it.

base64 < keys.py

Paste the output of that command into the value of a secure variable named "KEYS_PY" and then in your bitbucket-pipelines.yml script:

echo $KEYS_PY | base64 --decode > keys.py

This may or may not work depending on how large "keys.py" is.

 

View More Comments
Peter Havenga
Peter Havenga
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 1, 2017

In my case this was needed:

echo "$KEYS_PY" | base64 --decode &gt; keys.py

(including " ").

Like # people like this
Reply
1 vote
arvinds
arvinds January 3, 2020

For binary files like P12 how it can be stored? 

View More Comments
argentum47
argentum47 May 17, 2021

Hi Arvinds,

 

Were you able to how P12 files can be stored using secrets?

Like
Reply
1 vote
Philip Hodder
Philip Hodder
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 13, 2016

Hi Moe,

You can use a secured environment variable for to achieve this. 

Variables in pipelines - Atlassian Documentation

The variable value will be masked from all log output if you mark it as a "secured" variable on creation. 

By the sounds of it, the only thing you will have to change is that you read in these values as an environment variable, instead of from a file. 

Thanks. 

View More Comments
Olve Hansen
Olve Hansen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 25, 2019

Link is dead

Like # people like this
Daniel Santos
Daniel Santos
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 27, 2019

The link is now fixed, thank you for pointing that out @Olve Hansen

Like alistersneddon likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events