Manage BitBucket Pipelines environment variables

Matt Conway

Matt Conway

Co-founder & CTO

CloudTruth Integration: Bitbucket Pipelines

CI/CD pipelines like Bitbucket can be notoriously complex to manage, especially if you have to coordinate configuration across many different environments, projects, and teams. The underlying infrastructure and code for each environment may be similar, but will always have different parameters, secrets, and ENV variables. Using CloudTruth’s Bitbucket pipeline integration, you can manage each environment’s configuration with a single source of truth.

In a typical Bitbucket pipeline, there are dozens if not hundreds of configuration items for databases, server names, passwords, API keys, web service names, and so on. Each of these configuration items will differ across various environments. Instead of manually tracking and updating each of these items, let’s dig into how CloudTruth helps reduce misconfigurations and improves efficiency by organizing and simplifying configurations.

Bitbucket Pipelines, Meet CloudTruth Parameters

Instead of repeating yourself (and having to manage each configuration on its own) in multiple places, CloudTruth’s project parameters and secrets can help you implement a DRY (“Don’t Repeat Yourself”) best practice. By centralizing all that configuration in a single place, you can save a lot of time.

Rather than storing configuration items directly in a Bitbucket repository, forcing you to manage access and changes in many places, define them as CloudTruth parameters or secrets. When stored in CloudTruth, you can then dynamically call upon them in the pipeline at will via the CloudTruth API or CLI.

For example, one way you can define these parameters is via the CloudTruth web interface shown below. Once you’ve defined parameters by the environment they should be accessed in, you can call upon them at any time during the pipeline’s workflow using the CloudTruth API.

Bitbucket Pipelines and CloudTruth Repository Variables

CloudTruth provides many options to expose configuration items to Bitbucket pipelines. One popular way is through repository variables. Repository variables are a great way to store and access environment variables in a pipeline via CloudTruth.

By simply creating a repository variable called CLOUDTRUTH_API_KEY and linking a Bitbucket pipeline, your Bitbucket pipelines can access all CloudTruth parameters and repository variables using the CloudTruth CLI or API.

cloudtruth bitbucket pipelines integration for multiple environments

Creating a Simple CloudTruth-Enabled Bitbucket Pipeline

Enough theory – let’s build a simple Bitbucket pipeline to demonstrate how you can integrate CloudTruth’s environment-specific, centralized configuration.

In the example below, we have a CloudTruth project created called MyFirstProject with an environment called staging that contains various configuration items. To pull these configuration items from CloudTruth, we’re installing the CloudTruth CLI on the build agent and exporting all of the CloudTruth variables via dotenv.

Once the build agent sees the CloudTruth variables, the pipeline can then access these variables as necessary. In this example, the pipeline will return all the available environment variables within the CloudTruth staging environment via the printenv command.

pipelines:
  default:
        	- step:
        	name: 'Install CloudTruth CLI:'
        	script:
                    	# Install the CloudTruth CLI on the build agent
        	- (curl -sL https://github.com/cloudtruth/cloudtruth-cli/releases/latest/download/install.sh || wget -qO- https://github.com/cloudtruth/cloudtruth-cli/releases/latest/download/install.sh) | sh      
        	# Prints the version of the CLI installed
                        - cloudtruth -V
                    	# Prints all CloudTruth parameters in the staging environment
        	- cloudtruth --project MyFirstProject --env staging run -i none -- printenv
                    	# Makes all CloudTruth parameters available as local environment variables
        	- cloudtruth --project MyFirstProject --env staging parameter export shell --export > dotenv
         
                    	# Pass the environment variables between steps 
        	artifacts:
        	- dotenv
        	# Using the CloudTruth CLI exported and environment variables in the pipeline
        	- step:
        	name: 'CloudTruth Variables Deployment to Staging'
        	deployment: staging
        	script:
        	- echo "Test CloudTruth Staging Step"
                    	# Bring the environment variables in from the last step
        	- source dotenv
                    	## Print the available environment variables
        	- printenv

Streamline Your BitBucket Pipelines

If you’re still managing dozens of configuration items across many different environments in your Bitbucket pipelines, it’s time to look into how CloudTruth can make your life easier with  Bitbucket integration.

By centralizing all configuration items in a structured, environment-specific approach, gone are the days of wasting time managing variables, which buys back more time for building successful deployments.