I am using bitbucket pipeline to run test cases. In order for test cases to succeed, I need secrets which is stored in google secret manager. Is there any way I can access those secrets within bitbucket pipeline environment ?
Asked
Active
Viewed 637 times
0
ronak patel
- 378
- 1
- 8
- 24
-
Just don't. Coupling your unit tests suite to arbitrary values from an external variable store seems like a huge red flag that you should redesign the whole thing ASAP. – N1ngu Jun 24 '22 at 12:03
-
1@N1ngu Could you please elaborate? OP didn't say that those credentials are needed for running _unit_ tests. They may be used in post-deployment tests which interact with a real service. – esimonov Jun 24 '22 at 15:33
-
Fair point. It would be sensible to access those in that case. @ronak-patel how are you running those tests in your local workstation anyway? – N1ngu Jun 24 '22 at 16:32
1 Answers
0
There are a couple of options.
In case if these secrets are static, the easiest solution would be adding them to your Repository or Deployment variables. Make sure that they're marked as Secured, so that they will be masked, i.e hidden, in the logs.
Alternatively, if your secrets are rotated and must be fetched from the secrets manager on every build in order to stay up-to-date, you'll need to use corresponding CLI commands in the build script. In order for this to work you will have to give Bitbucket Pipelines access to the secrets in your cloud. For details, check out, for example, this page.
esimonov
- 546
- 3
- 8