I have access keys and secrets defined as bitbucket workspace secret variables. One variable pair for dev and one for prod environment:
Our system admin manages and rotates these keys, and multiple repositories utilizes these in the pipeline.
In one of the repos I'd like to reuse the DEV postifxed variables without the postfix, as repository variables.
I tried to do this in Settings/Pipelines/Repository variables page with defining the next variables:
It seems that the system does not resolve the workspace level variables in the pipeline execution.
Is it possible to do this somehow?
This would allow me to define much more generic steps in bitbucket pipeline without renaming the variables in the pipeline code.
This feature would be even more beneficial to use for configuring variables for different Deployment environments without writing specific code to handle different variable names.
The documentation of the variable precedence rules suggests that the repository variable can override the workspace variable. Which would suggest that if you don't define a variable on the repository level, then you can access the workspace-level one.
So, what if you drop those definitions from the repository variables?
I'd like to reuse the workspace level variables in repository level with a different name without knowing its values.
If i drop the definitions from the repository variables I'll end up with different than expected variable names from the workspace level. (actual variable: AWS_ACCESS_KEY_ID_DEV instead of expected: AWS_ACCESS_KEY_ID). So again I end up to redefine/rename these in the pipeline script, what I'd like to avoid
Reusing in the deployment steps are even more complicated, since i need to handle both DEV and PROD postfixes in the pipeline definition script.
In some projects I have even more environments, which adds more complexiti in script, if I can't rename and reuse workspace level variables as deployment variables.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hmm.
I think I understand the problem, and it seems that there is no other option than injecting both the workspace variables and the repository variables using unique names to the pipeline script's execution context and let the script decide (depending on other variables?) which to use...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You can, sure.
(But, to stay realistic, implement the best you can with the currently available options and don't wait for Atlassian to resolve this for you.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Bence,
We have an existing feature request that you can vote for (by selecting the Vote for this issue link) here:
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.