For Bitbucket Pipelines, you can use project or user access tokens for authenticating your build with Depot. We recommend using project tokens as they are scoped to a specific project and owned by the organization.
Note: The CLI looks for the DEPOT_TOKEN environment variable by default. For both token options, you should configure this variable for your build environment via repository variables.
You can inject project access tokens into the Pipeline environment for depot CLI authentication. These tokens are tied to a specific project in your organization and not a user.
It is also possible to generate a user access token to inject into the Pipeline environment for depot CLI authentication. This token is tied to a specific user and not a project. Therefore, it can be used to build all projects across all organizations that the user can access.
To build a Docker image from Bitbucket Pipelines, you must set the DEPOT_TOKEN environment variable in your repository settings. You can do this through the UI for your repository via the Repository Settings > Pipelines > Repository variables.
In addition, you must also install the depot CLI before you run depot build.
pipelines:
branches:
master:
- step:
name: Install Depot CLI and build
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- depot build .This example shows how you can use the --platform flag to build a multi-platform image for Intel and Arm architectures natively without emulation.
pipelines:
branches:
master:
- step:
name: Build multi-architecture image
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- depot build --platform linux/amd64,linux/arm64 .This example installs the depot CLI to be used directly in the pipeline. Then, docker login is invoked with the environment variables for DOCKERHUB_USERNAME and DOCKERHUB_TOKEN for the authentication context of the build to push to the registry.
pipelines:
branches:
master:
- step:
name: Authenticate, Build, Push to Docker Hub
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- docker login --username $DOCKERHUB_USERNAME --password $DOCKERHUB_TOKEN
- depot build -t <your-registry>:<your-tag> --push .
services:
- docker # Needed just for logging the Docker build context into a registryThis example installs the depot and aws CLIs to be used directly in the pipeline. Then, aws ecr get-login-password is piped into docker login for the authentication context of the build to push to the registry.
pipelines:
branches:
master:
- step:
name: Authenticate, Build, Push to ECR
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
- unzip awscliv2.zip
- ./aws/install
- aws --version
- aws ecr get-login-password --region <your-ecr-region> | docker login --username AWS --password-stdin <your-ecr-registry>
- depot build -t <your-ecr-registry>:<your-tag> --push .
services:
- docker # Needed just for logging the Docker build context into a registryYou can use the --load flag to download the built container image into the workflow.
pipelines:
branches:
master:
- step:
name: Install Depot CLI, build, load image back into the Pipeline
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- depot build --load .You can simultaneously push the built image to a registry and load it back into the CI job by using the --load and --push flag together.
pipelines:
branches:
master:
- step:
name: Install Depot CLI, build, load image back into the Pipeline
script:
- curl -L https://depot.dev/install-cli.sh | DEPOT_INSTALL_DIR=/usr/local/bin sh
- depot build -t <your-registry> --push --load .