Bitbucket

Navigate to your project’s integrations tab in Infisical.

Press on the Bitbucket tile and grant Infisical access to your Bitbucket account.

Select which workspace, repository, and optionally, deployment environment, you’d like to sync your secrets to.

Once created, your integration will begin syncing secrets to the configured repository or deployment environment.

Configure a Machine Identity for your project and give it permissions to read secrets from your desired Infisical projects and environments.

Create Bitbucket variables (can be either workspace, repository, or deployment-level) to store Machine Identity Client ID and Client Secret.

Edit your Bitbucket pipeline YAML file to include the use of the Infisical CLI to fetch and inject secrets into any script or command within the pipeline.

Example

image: atlassian/default-image:3

pipelines:
  default:
    - step:
        name: Build application with secrets from Infisical
        script:
          - apt update && apt install -y curl
          - curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash
          - apt-get update && apt-get install -y infisical
          - export INFISICAL_TOKEN=$(infisical login --method=universal-auth --client-id=$INFISICAL_CLIENT_ID --client-secret=$INFISICAL_CLIENT_SECRET --silent --plain)
          - infisical run --projectId=1d0443c1-cd43-4b3a-91a3-9d5f81254a89 --env=dev -- npm run build