Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to use secret keys with pipelines?

Moe Han
Moe Han
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 13, 2016

Hello,

In my repo, I have a `keys.py` file which I do not commit to Bitbucket. Inside that, I have AWS_SECRET and etc.

Then I do like `keys.AWS_SECRET` to access those keys.

How do I do that so that I can still test using pipelines without changing much to my codebase?

 

Thanks.

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
11798 views

3 answers

3 votes
Steven Vaccarella
Steven Vaccarella
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 16, 2016

I had added this as a comment to Philip's answer, but the code sections don't seem to display correctly in a comment.

If you really want to minimise the changes to your code you could try putting your entire "keys.py" file into a single secure variable by base64-encoding it.

base64 < keys.py

Paste the output of that command into the value of a secure variable named "KEYS_PY" and then in your bitbucket-pipelines.yml script:

echo $KEYS_PY | base64 --decode > keys.py

This may or may not work depending on how large "keys.py" is.

 

View More Comments
Peter Havenga
Peter Havenga
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 1, 2017

In my case this was needed:

echo "$KEYS_PY" | base64 --decode &gt; keys.py

(including " ").

Like # people like this
Reply
1 vote
arvinds
arvinds January 3, 2020

For binary files like P12 how it can be stored? 

View More Comments
argentum47
argentum47 May 17, 2021

Hi Arvinds,

 

Were you able to how P12 files can be stored using secrets?

Like
Reply
1 vote
Philip Hodder
Philip Hodder
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 13, 2016

Hi Moe,

You can use a secured environment variable for to achieve this. 

Variables in pipelines - Atlassian Documentation

The variable value will be masked from all log output if you mark it as a "secured" variable on creation. 

By the sounds of it, the only thing you will have to change is that you read in these values as an environment variable, instead of from a file. 

Thanks. 

View More Comments
Olve Hansen
Olve Hansen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 25, 2019

Link is dead

Like # people like this
Daniel Santos
Daniel Santos
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 27, 2019

The link is now fixed, thank you for pointing that out @Olve Hansen

Like alistersneddon likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.