Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Allow CI/Pipeline to be added to branch permissions

We currently have a setup building custom Bitbucket Pipes:

Permissions

Master Branch:

  write access: None

  merge via PR: Dev Group

 

And our CI setup uses the `semversioner` to cut the new release, push to docker hub, and push back to master so that Pipe's can see the new version via the pipe.yml file. This was working fine until the PR only approach was implemented.

It makes sense that the CI can't pushback since it is now set to None, however, it would be nice if we had an option in Branch Permissions to pick the CI as a user that can push back so releases can be cut by the CI server and no one else.

 

Any thoughts on how to handle this approach?

 

2 answers

also have that issue

0 votes
zkeator I'm New Here Sep 28, 2020

Create a bot / pipeline specific account, pretty much just make a new account and add it with read/write access for those branches on the repo.

Authenticate to the repo using the bot account and it'll be allowed to push commits, the current options are Oath, SSH key, or app secrets using the username / password.

 

Here is a guide from Bitbucket docs: https://support.atlassian.com/bitbucket-cloud/docs/push-back-to-your-repository/#Pushbacktoyourrepository-Pushingbackusingalternativeauthenticationmethods

Thanks for taking the time to try and help zkeator, while this is a workaround, this additional user/bot also brings additional costs to use and would still have the same restrictions as the rest of our members, only PRs can be merged via the repo restrictions, so, no user whether considered human or bot can merge.

We do have a workaround in place, but, it would be super helpful if the following was taken into consideration:

It makes sense that the CI can't pushback since it is now set to None, however, it would be nice if we had an option in Branch Permissions to pick the CI as a user that can push back so releases can be cut by the CI server and no one else.

zkeator I'm New Here Dec 17, 2020

Yeah I had to specifically grant the bot account permissions to push, not ideal but it does allow for a setup where all normal users have to use PRs except CI.

Agree on the cost of adding another user, if Bitbucket would allow you to target permissions specifically to the CI it would make life a lot easier.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

Announcing the waitlist for Jira Work Management

Hey there Cloud Community members! We’re excited to give you the first glimpse of the new home for business teams on Jira — Jira Work Management. Jira Work Management is the next generation of J...

890 views 14 20
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you