Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Trouble running nextflow (nf-core) pipeline - docker authorization denied

Michael Beavitt
Michael Beavitt
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 17, 2023

I'm working on a CI nextflow pipeline for some bioinformatics projects. The way it works, is it spawns a docker container for each step of the pipeline to complete the job, and then moves onto the next one. Everything happens in the ./work directory.

For some reason, it is being denied the ability to create new containers in Bitbucket cloud's workspace:

 

 

docker: Error response from daemon: authorization denied by plugin pipelines: -v only supports $BITBUCKET_CLONE_DIR and its subdirectories.

 

 

But it seems like I satisfy those requirements:

 

echo $PWD
/opt/atlassian/pipelines/agent/build
echo $BITBUCKET_CLONE_DIR
/opt/atlassian/pipelines/agent/build
Can someone help me figure out what's going on?
Answer
Watch
Like Be the first to like this
566 views

1 answer

1 accepted

0 votes
Answer accepted
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 19, 2023

Hi Michael and welcome to the community!

The argument -v in the docker run command is used to mount directories into the container that starts with this command:

For Pipelines builds that run on Atlassian's infrastructure, we don't allow mapping volumes with a source outside $BITBUCKET_CLONE_DIR. You can find a list of all restricted commands here:

You will need to check the docker run command that starts these containers or the docker-compose.yml in case you use Compose and only mount directories with a source inside $BITBUCKET_CLONE_DIR.

We have a feature request for allowing mounting volumes outside $BITBUCKET_CLONE_DIR: https://jira.atlassian.com/browse/BCLOUD-20986

This restriction does not apply to the self-hosted pipeline runners. If you have a Linux machine where you can run your builds, you could also use a Linux Docker Runner:

Kind regards,
Theodora

View More Comments
Michael Beavitt
Michael Beavitt
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 19, 2023

Thanks Theodora,

Unfortunately it's not possible to use any of the company machines as a runner, but I figured out the issue. 

Nextflow was trying to use 'user emulation' in docker, which meant mounting /etc/passwd and some other root directories, and I was able to turn off this feature in the config file.

It runs fine now!

They've also updated nf-core after an issue was raised to remove this default behaviour so this shouldn't be an issue in future..!

Like Theodora Boudale likes this
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 20, 2023

Thank you for the update Michael, it's good to hear that the issue is resolved now!

Please feel free to reach out if you ever need anything else!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.