CI/CD Integrations Now Live: GitHub Actions, GitLab, Bitbucket

Zero has just launched integrations with GitHub Actions, GitLab CI/CD, and Bitbucket Pipelines. These integrations automatically sync your Zero secrets to your CI/CD system, so that the secrets are available to your pipelines as environment variables.

This functionality is useful because deployment pipelines typically need the access token for your cloud provider, e.g. AWS or Vercel. Now, instead of having to manually configure these credentials in the CI/CD system, you can sync them from Zero with just a few clicks. And when the secrets are updated in Zero, they automatically get updated in the CI/CD system as well.

Example: Bitbucket Pipelines

Here's a demonstration of how the CI/CD integrations work. This example uses Bitbucket pipelines, but the overall workflow is much the same for the other platforms.

Suppose you have a Zero project with an AWS secret, and you want to deploy to AWS from your Bitbucket pipeline. The first step is to switch to the Integrations tab in Zero, and enable the Bitbucket integration. You'll be prompted to select the workspace, repository, and environment to sync the secrets to:

Once the integration is created, the secrets have been synced to Bitbucket. To confirm this, go to Bitbucket and select Repository settings > Pipelines > Deployments. Scroll down to the Production environment, and you'll see that the AWS credentials have been synced:

To use these variables in your pipeline, simply prefix them with a $, like $ACCESS_KEY_ID. You can learn more about variables and secrets in Bitbucket pipelines here .