Working with the container registry
You can store and manage Docker and OCI images in the container registry.
Set up and use packages
Prerequisites to access Bitbucket Packages
Workspace must be linked to an Atlassian organization. Check out our support documentation for more details on how to link your workspace to an Atlassian org.
You must have either a Standard or Premium plan. This feature is available exclusively on Standard and Premium plans with specific limits based on the plan. Check out Bitbucket plans and pricing for packages
Packages can only be created and used by customers on a monthly plan.
Packages are supported only in team-managed workspaces. Read about different workspaces
What are Packages?
Packages bring artifact management directly into Bitbucket Cloud workflows. Development teams can publish, manage, and consume packages, including container images, npm packages, and Maven packages, all linked to specific repositories.
The Bitbucket package registry offers:
A workspace-level namespace for packages integrated directly into Bitbucket Cloud.
Repository-linked packages that inherit repository permissions (Admin, Write, Read).
A unified developer experience, where source code, pipelines, and artifacts live together in one place.
Authentication
You can authenticate with Packages using an API token or natively through the Bitbucket Pipelines integration.
Create an Atlassian API token in Bitbucket
Publishing and consuming packages requires you to authenticate your client with an Atlassian API token.
To create an API token, visit https://id.atlassian.com/manage-profile/security/api-tokens and select
Create API token with scopes.Enter a name and expiry for the token.
Select the required scope
read:package:bitbucket.You can also select the
write:package:bitbucketscope if you want the token to allow publishing packages to the registry.
Bitbucket Pipelines integration
To authenticate to the Bitbucket package registry within Bitbucket Pipelines, you can use the BITBUCKET_PACKAGES_USERNAME and BITBUCKET_PACKAGES_TOKEN environment variables available to each step in your Bitbucket Pipeline runs. These variables are scoped to the same repository where the pipeline is running, so they only grant access to packages within that repository. Learn more about using variables to integrate with Pipelines.
Permissions:
The package registry operates within a workspace with packages linked to individual repositories. Package permissions align with the following repository roles: Admin, Write, and Read as described below.
Repository permission | Description |
|---|---|
Admin | Can create a new package linked to a repository, allowing the package to inherit the repository's permissions, and can also delete packages. |
Write | Can publish packages to the Bitbucket package registry, and can also delete package versions. |
Read | Can consume packages that have been published to the Bitbucket package registry. |
Workspace deletion impact on package registry
When you delete a Bitbucket workspace, all packages in the workspace become inaccessible. However, the packages will remain in our systems for up to 30 days. You will not be charged for storage during this 30-day period.
Repository deletion impact on package registry
When you delete a Bitbucket repository, all packages linked to the repository become inaccessible. The packages will remain in our systems for up to 30 days. You will be charged for storage and will not be able to reuse those image names during this 30-day period.
If you want to avoid incurred cost during this period, you will need to delete all the packages linked to the repository before deleting the repository.
Was this helpful?
Still need help?
The Atlassian Community is here for you.