Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New bitbucket guide #13032

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
+160 −22
Open

New bitbucket guide #13032

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6603868
new bitbucket guide
interurban Oct 3, 2024
63f30a1
adding bitbucket logo to hub page, fixing some new url paths
interurban Oct 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 26 additions & 22 deletions content/docs/iac/packages-and-automation/continuous-delivery/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,73 +27,77 @@ process that you have today. For example, doing code reviews via Pull Requests,
analysis tools, and running unit and integration tests as appropriate. It all "just works" for your cloud
infrastructure the same way it would for your application code.

Pulumi can easily integrate into any continuous integration/continuous delivery (CI/CD) system. If your CI/CD system isn't listed below or you are testing something new, see [adding support for CI/CD systems](/docs/using-pulumi/continuous-delivery/add-support-for-cicd-systems).
Pulumi can easily integrate into any continuous integration/continuous delivery (CI/CD) system. If your CI/CD system isn't listed below, or you are testing something new, see [adding support for CI/CD systems](/docs/iac/packages-and-automation/add-support-for-cicd-systems).

> Looking to troubleshoot failures related to running Pulumi in CI/CD? Check out our [CI/CD troubleshooting guide](/docs/using-pulumi/continuous-delivery/troubleshooting-guide).
> Looking to troubleshoot failures related to running Pulumi in CI/CD? Check out our [CI/CD troubleshooting guide](/docs/iac/packages-and-automation/troubleshooting-guide).

<div class="supported-cicd-platforms">
<a href="/docs/using-pulumi/continuous-delivery/aws-code-services">
<a href="/docs/iac/packages-and-automation/continuous-delivery/aws-code-services">
<img src="/logos/tech/ci-cd/aws-codedeploy.svg" alt="AWS Code Services">
<h4 class="no-anchor">AWS Code Services</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/azure-devops">
<a href="/docs/iac/packages-and-automation/continuous-delivery/azure-devops">
<img src="/logos/tech/ci-cd/azure-devops.svg" alt="Azure DevOps">
<h4 class="no-anchor">Azure DevOps</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/circleci">
<a href="/docs/iac/packages-and-automation/continuous-delivery/circleci">
<img src="/logos/tech/ci-cd/circleci.svg" alt="CircleCI">
<h4 class="no-anchor">CircleCI</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/codefresh">
<a href="/docs/iac/packages-and-automation/continuous-delivery/codefresh">
<img src="/logos/tech/ci-cd/codefresh.svg" alt="Codefresh">
<h4 class="no-anchor">Codefresh</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/github-actions">
<a href="/docs/iac/packages-and-automation/continuous-delivery/github-actions">
<img src="/logos/tech/ci-cd/github-actions.svg" alt="GitHub Actions">
<h4 class="no-anchor">GitHub Actions</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/gitlab-ci">
<a href="/docs/iac/packages-and-automation/continuous-delivery/gitlab-ci">
<img src="/logos/tech/ci-cd/gitlab-ci.svg" alt="GitLab CI">
<h4 class="no-anchor">GitLab CI</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/google-cloud-build">
<a href="/docs/iac/packages-and-automation/continuous-delivery/google-cloud-build">
<img src="/logos/tech/ci-cd/google-cloud-build.png" alt="Google Cloud Build">
<h4 class="no-anchor">Google Cloud Build</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/jenkins">
<a href="/docs/iac/packages-and-automation/continuous-delivery/jenkins">
<img src="/logos/tech/ci-cd/jenkins.svg" alt="Jenkins">
<h4 class="no-anchor">Jenkins</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/octopus-deploy">
<a href="/docs/iac/packages-and-automation/continuous-delivery/octopus-deploy">
<img src="/logos/tech/ci-cd/octopus-deploy.svg" alt="Octopus Deploy">
<h4 class="no-anchor">Octopus Deploy</h4>
</a>
<a href="/docs/pulumi-cloud/deployments/">
<img src="/logos/brand/avatar-on-white.png" alt="Pulumi Deployments">
<h4 class="no-anchor">Pulumi Deployments</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/pulumi-kubernetes-operator">
<a href="/docs/iac/packages-and-automation/continuous-delivery/pulumi-kubernetes-operator">
<img src="/logos/tech/ci-cd/kubernetes.png" alt="Pulumi Kubernetes Operator">
<h4 class="no-anchor">Pulumi Kubernetes Operator</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/teamcity">
<a href="/docs/iac/packages-and-automation/continuous-delivery/teamcity">
<img src="/logos/tech/ci-cd/teamcity.svg" alt="JetBrains TeamCity">
<h4 class="no-anchor">JetBrains TeamCity</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/spinnaker">}}">
<a href="/docs/iac/packages-and-automation/continuous-delivery/spinnaker">}}">
<img src="/logos/tech/ci-cd/spinnaker.svg" alt="Spinnaker">
<h4 class="no-anchor">Spinnaker</h4>
</a>
<a href="/docs/using-pulumi/continuous-delivery/travis">
<a href="/docs/iac/packages-and-automation/continuous-delivery/travis">
<img src="/logos/tech/ci-cd/travis-ci.svg" alt="TravisCI">
<h4 class="no-anchor">TravisCI</h4>
</a>
<a href="/docs/iac/packages-and-automation/continuous-delivery/bitbucket">
<img src="/logos/tech/ci-cd/bitbucket.svg" alt="Bitbucket">
<h4 class="no-anchor">Bitbucket</h4>
</a>
</div>

> Pulumi can also bridge results from your CI/CD system with GitHub, surfacing the results of stack updates
> on GitHub pull requests. See the [Pulumi GitHub App](/docs/using-pulumi/continuous-delivery/github-app/) for more information.
> on GitHub pull requests. See the [Pulumi GitHub App](/docs/iac/packages-and-automation/continuous-delivery/github-app/) for more information.

### Configuration and Secrets
### Configuration and secrets

Pulumi is designed to be entirely code-centric, including the way in which configuration and secrets are managed.
Configuration values and secrets are stored safely inside of `Pulumi.yaml` files, which you will commit.
Expand All @@ -103,18 +107,18 @@ Secret configuration values are encrypted on [app.pulumi.com](https://app.pulumi
source code repository. But you can use your own secrets provider, ensuring that only you have access to your
sensitive information. See [Managing Secrets with Pulumi](/blog/managing-secrets-with-pulumi/) for more information.

### Managing Complex Environments
### Managing complex environments

Most real-world environments are complex. Perhaps you have a networking stack that's independent from your data
and application stacks. Pulumi [supports "stack references"](/docs/guides/organizing-projects-stacks), which
and application stacks. Pulumi [supports "stack references"](/docs/iac/guides/organizing-projects-stacks), which
permit one stack to depend upon another. This facilitates continuous delivery and integration at scale.

### Using Branches for Environments
### Using branches for environments

Pulumi is agnostic to what sort of branching strategy you take. Most customers use Git-based flows; the most common is
to use one branch-per-[stack](/docs/concepts/stack/). This allows you to control deployments to environments
to use one branch-per-[stack](/docs/iac/concepts/stack/). This allows you to control deployments to environments
using your usual commit, code review, and approval process, such as GitHub pull requests.

If you are using GitHub pull requests to trigger updates, you will likely want to use the
[Pulumi GitHub App](/docs/using-pulumi/continuous-delivery/github-app/). This gives you interactive infrastructure change previews
[Pulumi GitHub App](/docs/iac/packages-and-automation/github-app/). This gives you interactive infrastructure change previews
inside of your Pull Request, making it easier to see, review, and comment on any changes before a deployment occurs.
108 changes: 108 additions & 0 deletions content/docs/iac/packages-and-automation/continuous-delivery/bitbucket.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
---
title_tag: "Using Bitbucket Pipelines | CI/CD"
meta_desc: This page details how to use Bitbucket Pipelines to manage deploying staging and production stacks based on commits to specific Git branches.
title: Bitbucket Pipelines
h1: Pulumi CI/CD & Bitbucket
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider "Pulumi CI/CD with Bitbucket Pipelines". Since we specify "Github Actions" instead of just "Github" in that guide.

meta_image: /images/docs/meta-images/docs-meta.png
menu:
iac:
name: Bitbucket Pipelines
parent: iac-packages-automation-cicd
weight: 2
usingpulumi:
parent: cont_delivery
weight: 1

---

[Bitbucket Pipelines](https://support.atlassian.com/bitbucket-cloud/docs/get-started-with-bitbucket-pipelines/) is an CI/CD service built into Bitbucket Cloud. It allows you to build, test, and deploy your code automatically to your Pulumi staging and production stacks based on commits to specific Git branches.

This guide provides examples for integrating Bitbucket Pipelines with a [Pulumi AWS TypeScript project](/docs/iac/get-started/), but the outlined steps can be adapted for other projects in your favorite language.

## Prerequisites

- Sign up for a [Pulumi account](https://app.pulumi.com)
- Create a [Pulumi Access Token](https://app.pulumi.com/account/tokens)
- Install the [latest Pulumi CLI](/docs/install/)
- Create a [Bitbucket account](bitbucket.org) with Pipelines enabled
- Create a [new Bitbucket repository](https://support.atlassian.com/bitbucket-cloud/docs/create-a-git-repository/), and ensure you do not initialize it with a README

- Create a [new Pulumi project](https://www.pulumi.com/learn/pulumi-fundamentals/create-a-pulumi-project/) and [initialize it as a git repository](https://git-scm.com/docs/git-init)

## Setting up environment variables

To use Pulumi within Bitbucket Pipelines, there are a few environment variables you'll need to set.

The first is `PULUMI_ACCESS_TOKEN`, which is required to authenticate with Pulumi in order to
perform the `preview` or `update`.

Next, you will need to set environment variables specific to your cloud resource provider.
For example, if your stack is managing resources on AWS, you will need to set `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY`.

{{% notes type="info" %}}

Add these variables in Bitbucket to your **Repository settings > Repository variables**, ensuring you click on the **Secured** checkbox, as is a security best practice to mark any sensitive variables as protected in Bitbucket. You can learn more about how to protect environment variables by referencing their [variables and secrets](https://support.atlassian.com/bitbucket-cloud/docs/variables-and-secrets/) documentation.

{{% /notes %}}

## Bitbucket pipeline configuration

In Bitbucket, a CI/CD pipeline is defined in a yaml file labeled `.bitbucket-pipelines.yml`. This file must exist in the root of your repository and defines how Bitbucket Pipelines will build and deploy your Pulumi stack.

Here's an example configuration:

```yaml
# This is an example Bitbucket starter pipeline configuration
# Use a skeleton to build, test and deploy using manual and parallel steps
# -----
# You can specify a custom docker image from Docker Hub as your build environment.

image: atlassian/default-image:4

pipelines:
pull-requests:
'**':
- step:
script:
- if [ "${BITBUCKET_PR_DESTINATION_BRANCH}" != "main" ]; then printf 'target branch not main, skipping preview'; exit; fi
- step:
name: 'Run Pulumi Preview'
image: pulumi/pulumi-nodejs:latest
script:
- npm ci
- pulumi login
- pulumi stack select $STACK
- pulumi preview

branches:
main:
- step:
name: 'Run Pulumi Up'
image: pulumi/pulumi-nodejs:latest
script:
- npm ci
- pulumi login
- pulumi stack select $STACK
- pulumi up --yes

```

When working with Pulumi in Bitbucket Pipelines with Pulumi, you will need to specify when certain actions, like previews, are run.

```yaml
'**':
- step:
script:
- if [ "${BITBUCKET_PR_DESTINATION_BRANCH}" != "main" ]; then printf 'target branch not main, skipping preview'; exit; fi
'**':
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This appears to be duplicated.

- step:
script:
- if [ "${BITBUCKET_PR_DESTINATION_BRANCH}" != "main" ]; then printf 'target branch not main, skipping preview'; exit; fi
```

This step and script ensures that the following Pulumi preview step only runs if the pull request is targeting the main branch. This avoids unnecessary previews for pull requests to other branches.

## Running the pipeline

Once the `.bitbucket-pipelines.yml` is committed, each push to the repository will trigger the pipeline, automating the deployment of your infrastructure. You can monitor the pipeline status in the **Pipelines** tab in Bitbucket.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"each push or pull request to the main branch of the repository"

26 changes: 26 additions & 0 deletions static/logos/tech/ci-cd/bitbucket.svg
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading