Skip to main content
Create or update a Bitbucket Pipelines repository variable without leaving the terminal. The command resolves the target repository from the origin remote in .git/config in the current directory, reads your saved credentials, and calls the Bitbucket API to create the variable — or look up its UUID and update it when the key already exists. The variable is created secured so its value stays hidden. When it finishes, it prints the repository’s variables settings URL. Pushing a variable requires Bitbucket credentials saved with bitbucket:credentials:create. The username and app password are read from ~/.talos/credentials/bitbucket.yml and sent as HTTP Basic auth.
This targets Bitbucket Cloud (api.bitbucket.org), and the repository must have Pipelines enabled for the variables endpoint to exist. The app password needs the Pipelines: Read and write permission.

Usage

talos bitbucket:secret:push [options]
Run this from inside the repository whose variable you want to set — the workspace/repo slug is taken from that repository’s origin remote.

Examples

Run with no flags to be prompted for the variable name and value (the value input is hidden):
talos bitbucket:secret:push
Provide the name and value non-interactively (useful in CI):
talos bitbucket:secret:push --name=DEPLOY_TOKEN --value="$DEPLOY_TOKEN"

Options

OptionDescriptionDefault
--nameName (key) of the Pipelines variable to create or update.Prompted if omitted
--valueValue to store for the variable.Prompted (hidden) if omitted
--silentSuppress the spinner, success message, and settings URL.false
The command fails if it cannot find Bitbucket credentials, cannot determine the repository from .git/config, or the Bitbucket API rejects the request.