Bitbucket Pipelines provides a set of default environment variables as well as the ability to define your own variables. You can mark variables as secured for additional security of your passwords, tokens, and other values.
See also What is a slug?
Variables are set as environment variables in the build container. You can access the variables from the bitbucket-pipelines.yml file or any script that you invoke by referring to them in the following way:
AWS_SECRET is the name of the variable.
Pipelines provides a set of default variables that are available for all builds, and can be used in scripts.
You can override the default variables by specifying an environment variable with the name of a default variable.
||For use with Mercurial projects.|
The branch on which the build was kicked off. This value is only available on branches.
Not available for builds against tags, or custom pipelines.
||The unique identifier for a build. It increments with each build and can be used to create unique artifact names.|
The absolute path of the directory that the repository is cloned into within the Docker container.
||The commit hash of a commit that kicked off the build.|
||The name of the account in which the repository lives.|
||The URL-friendly version of a repository name. For more information, see What is a slug?.|
The tag of a commit that kicked off the build. This value is only available on tags.
Not available for builds against branches.
||Default value is
You can add, edit, or remove environment variables at the account and repository levels. Variables specified at the repository level override variables specified at the account level.
Names can only contain ASCII letters, digits and underscores
Names are case-sensitive
Names can't start with a digit
Environment variables added at the repository level can be accessed by any users with the push permission in the repository.
You can manage repository variables in Settings > Pipelines > Environment variables.
Repository variables override team variables.
Team and individual account variables
Environment variables specified for a team or an individual account can be accessed from all repositories that belong to the team or account. You must be an administrator to manage team variables.
To manage team or individual account variables:
- From your avatar in the bottom left, click Bitbucket settings.
- Select an individual account or a team for which you want to configure variables:
- In the menu on the left, go to Pipelines > Environment variables.
Team or individual account variables can be overridden by repository variables.
Team or individual account variables can be accessed by all users with the write permission for any repository (private or public) that belongs to the team or account.
You must be an administrator of an account or a repository to manage variables respectively.
You can secure a variable, which means its value will be hidden in the build logs. Values of secured variables can't be retrieved in the Bitbucket UI and can only be edited by assigning new values. Secured values are stored as encrypted values.
Let's say that I added the following two variables:
USER_NAMEwith the value 'michalina'
USER_PASSthat I marked to be secured
Now I can use them in my bitbucket-pipelines.yml file:
# You can use a Docker image from Docker Hub or your own container registry # for your build environment. image: maven:3.3.3-jdk-8 pipelines: default: - job: script: - echo hello - echo $USER_NAME - echo $USER_PASS
In this scenario, the build returns the value of the
USER_NAME variable and keeps the secured
USER_PASS value encrypted and hidden: