Hello,

I am currently loading the environment variables from env.yml file. This file is not committed in the repo.

However if I want to automate the deployment process, the file needs to be there since sls deploy command will be run by the pipeline instead of my local machine.

What can I do to keep the env.yml file safe? If its committed to git, gitignore won’t work on it any more and someone can accidentally commit the file.

That’s not exactly what you asked for but you can instead use bitbucket repository variables… There is also an option to make a secret variable

I am loading the variables in env.yml from bitbucket
repository variables