I have a Bitbucket Team/Project created in Jenkins, and I have added credentials to Jenkins and given the Jenkins folder for my Bitbucket team project access to those credentials.

Currently, the plugin is scanning all branches of all repositories in my PROJECT.  We are using the GitFlow branching model for GIT.  We have Bitbucket configured with develop as the default development branch, and master as the production branch.  We have both of those configured to only allow changes via pull requests.

I'm looking for some way to have credentials that can only be accessed from builds running against master, credentials that can only be accessed from builds running against develop, and credentials that can be accessed from all other builds.

This would allow us to have credentials that can release a project, or deploy it to various environments, but not allow any developer to create a feature branch and release artifacts from that branch with privileged credentials and no oversight.

WORKAROUNDS ATTEMPTED:

• Create multiple Bitbucket team projects in Jenkins for the same Bitbucket project and configure each to build only specific branches. 
  • Unfortunately this didn't work as the plugin seems to use the Bitbucket project name as some sort of key and the jobs seemed to conflict with each other
• Use multiple jenkins instances to segregate the branches, and place the necessary credentials in each instance.
  • This works, but seems like a significant overhead for something that could be configured to work in one instance of Jenkins