github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-06 22:23:53 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
95fdff7747fe3e192b065b9f98b4cc8e65fe89a4
infisical/docs/integrations/cicd/bitbucket.mdx
Victor Santos 95fdff7747 documentation update
2025-11-24 19:59:00 -03:00

55 lines
2.4 KiB
Plaintext
Raw Blame History

---
title: "Bitbucket"
description: "How to sync secrets from Infisical to Bitbucket"
---
Infisical lets you sync secrets to Bitbucket at the repository-level and deployment environment-level.
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
<AccordionGroup>
<Accordion title="Push secrets to Bitbucket from Infisical">
Use our [Bitbucket Secret Syncs](../secret-syncs/bitbucket)
</Accordion>
<Accordion title="Pull secrets in Bitbucket pipelines from Infisical">
<Steps>
<Step title="Configure Infisical Access">
Configure a [Machine Identity](https://infisical.com/docs/documentation/platform/identities/universal-auth) for your project and give it permissions to read secrets from your desired Infisical projects and environments.
</Step>
<Step title="Initialize Bitbucket variables">
Create Bitbucket variables (can be either workspace, repository, or deployment-level) to store Machine Identity Client ID and Client Secret.
![integrations bitbucket](/images/integrations/bitbucket/integrations-bitbucket-env.png)
</Step>
<Step title="Integrate Infisical secrets into the pipeline">
Edit your Bitbucket pipeline YAML file to include the use of the Infisical CLI to fetch and inject secrets into any script or command within the pipeline.
#### Example
```yaml
image: atlassian/default-image:3
pipelines:
default:
- step:
name: Build application with secrets from Infisical
script:
- apt update && apt install -y curl
- curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash
- apt-get update && apt-get install -y infisical
- export INFISICAL_TOKEN=$(infisical login --method=universal-auth --client-id=$INFISICAL_CLIENT_ID --client-secret=$INFISICAL_CLIENT_SECRET --silent --plain)
- infisical run --projectId=1d0443c1-cd43-4b3a-91a3-9d5f81254a89 --env=dev -- npm run build
```
<Tip>
Set the values of `projectId` and `env` flags in the `infisical run` command to your intended source path. For more options, refer to the CLI command reference [here](https://infisical.com/docs/cli/commands/run).
</Tip>
</Step>
</Steps>
</Accordion>
</AccordionGroup>
Reference in New Issue View Git Blame Copy Permalink