Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

[LEAK BITBUCKET SECRET] masking secret dont affect when using printenv to artifacts

Prima Adi Pradana
Prima Adi Pradana
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 31, 2024

Need this addressed.

this is really dangerous since every pipeline as long user have access the could executed a pipeline inside our own branch

https://cloud.google.com/blog/topics/threat-intelligence/bitbucket-pipeline-leaking-secrets

could we somehow disable artifacts if there is some command running or like blocked printenv completely

Answer
Watch
Like JoMi likes this
489 views

1 answer

0 votes
Aloy Scanlan _Product Forge_
Aloy Scanlan _Product Forge_
Contributor
August 2, 2024

Hey @Prima Adi Pradana - isn't this the case for all cloud CI/CD tools - not just Pipelines? It looks like the exact same thing happens with Github Actions: https://github.com/orgs/community/discussions/24928

If you're concerned about this happening, you could use something like a Dynamic Pipeline to look through any CI workflows before they run and not run any that look to be printing secrets to files.

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security