Limit a custom pipeline to a branch

I added two custom pipelines in order to manually trigger them: One for deployment to test and the other for deployment to prod.

Unfortunately, it is possible to run both pipelines on every branch, e.g. I could run "deployment to prod" on the development branch, which should only be possible on the master branch.

Is there a way to limit custom pipelines to specific branches?

3 answers

This doesn't seem to be possible within bitbucket-pipelines.yml itself, but you can check for the branch in your script:

#!/bin/bash

if [ "$(git rev-parse --abbrev-ref HEAD)" == "master" ]; then
echo "master :)"
else
echo "not master :("
fi

If you want to follow @Steve Taylor's answer you can also check the BITBUCKET_BRANCH environment variable in the pipeline. https://confluence.atlassian.com/bitbucket/environment-variables-794502608.html

Alternatively, you could set up a pipeline that runs on master only and has manual steps that do the deployments. i.e. Steps that will only trigger with manual input. You will also need to be using artifacts for this.

Documentation links.

Manual Steps: https://confluence.atlassian.com/bitbucket/run-pipelines-manually-861242583.html

Artifacts: https://confluence.atlassian.com/bitbucket/using-artifacts-in-steps-935389074.html

Something like this:

pipelines:
branches:
master:
- step:
trigger: manual
name: test
artifacts:
- build-output/**
script:
- ./runTests
- step:
trigger: manual
name: "Deploy to Staging"
artifacts:
- build-output:**
scripts:
- ./deploy-to-staging
- step:
trigger: manaual
name: "Deploy to Production"
scripts:
- ./deploy-to-production

default:
- step:
name: test
script:
- ./run-tests

Then you can also set up Bitbucket Deployments (if you're in the alpha programme) to track the status of your environments https://confluence.atlassian.com/bitbucket/bitbucket-deployments-940695276.html

One side note, the first step can't be manual according to

https://bitbucket-pipelines.prod.public.atl-paas.net/validator

Like 2 people like this

I just noticed that since some weeks there's an option to run every pipeline (not only custom ones) from every commit.

This is dangerous (everyone could push to production WIPs or old commits, or even malicious ones via a side branch).

Is it really this way?

Screen Shot 2018-03-23 at 16.13.37.png

+1 for improving accessibility and access control for pipelines.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Thursday in Bitbucket Pipelines

Building a Bitbucket Pipe as a casual coder

....sh :  #!/bin/bash source "$(dirname "$0")/common.sh" enable_debug extra_args="" if [[ "${DEBUG}" == "true" ]]; then extra_args="--verbose" fi # mandatory variables ROLLBAR_ACCESS_TOKEN...

188 views 0 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you