Skip to content
Latchkey

How to Require Manual Approval Before Deploy in Bitbucket Pipelines

Bitbucket gates a production deploy with a manual-trigger step, restricted by deployment-environment permissions.

Make the deploy step trigger: manual and target a deployment: environment. Configure deployment permissions on that environment so only authorized users can release.

Manual deploy to a restricted environment

Build runs automatically; the production deploy waits for a manual click and is permission-gated.

bitbucket-pipelines.yml
pipelines:
  branches:
    main:
      - step:
          name: Build
          image: node:20
          script: [ npm ci && npm run build ]
          artifacts: [ dist/** ]
      - step:
          name: Deploy to production
          deployment: production
          trigger: manual
          script: [ ./deploy.sh dist/ ]

Gotchas

  • The first step of a pipeline cannot be trigger: manual - the deploy must follow an automatic step.
  • Who can run the manual deploy is controlled by deployment permissions on the environment, set in repository settings.
  • Naming the environment production (a deployment-type environment) is what unlocks environment-scoped variables and permissions.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →