It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Getting 403 in pipeline (build inside Docker container) when accessing my private repo. Edited

Hi,

 

I am trying to run atlassian pipeline with my private repo. Having created Dockerfile like this:

FROM golang:1.11
RUN mkdir /root/.ssh/
ADD bitbucket.org /root/.ssh/id_rsa

RUN
touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts

RUN
git config --global url.ssh://git@bitbucket.org/.insteadOf https://bitbucket.org/

COPY
. /build
WORKDIR /build

RUN
make build

Where bitbucket.org is the private SSH cert with the public key added in to the repo keys section. "make build" command does go app build with go modules on.

During the go modules downalod im getting 403 error as soon as go tries to access my private repo.

This docker build works just fine on local machine with ordinal docker build command.

Response is:

https://api.bitbucket.org/2.0/repositories/arkadyb/myrepo?fields=scm: 403 Forbidden

What am i doing wrong?

 

1 answer

Was able to find solution.

 

This Docker file works both Atlassian Pipeline and local machine:

FROM golang:1.11

RUN mkdir /root/.ssh/
ADD bitbucket.org /root/.ssh/id_rsa
RUN chmod 400 /root/.ssh/id_rsa

RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts
RUN git ls-remote git@bitbucket.org:[myusername]/[myprivatereponame].git
RUN git config --global url.ssh://git@bitbucket.org/.insteadOf https://bitbucket.org/

COPY
. /build
WORKDIR /build

RUN make build

 

Ofcouse the public key is added in to the access keys section of given private repo.

I've tried this:

 

```

RUN mkdir /root/.ssh/
ADD serviceBitbucketKey.ssh /root/.ssh/id_rsa
RUN chmod 400 /root/.ssh/id_rsa

RUN touch /root/.ssh/known_hosts
RUN ssh-keyscan bitbucket.org >> /root/.ssh/known_hosts
RUN git ls-remote git@bitbucket.org:orgName/repo.git
RUN git config --global url.ssh://git@bitbucket.org/.insteadOf https://bitbucket.org/

```

But fails with:

```
Load key "/root/.ssh/id_rsa": invalid format
```

The `serviceBitbucketKey.ssh` was generated with:
```

ssh-keygen -t rsa -b 4096 -f serviceBitbucketKey.ssh

```

Any suggestions?

the `serviceBitbucketKey.ssh`'s pub record is added to bitbucket.

I have a feeling that the actual key generation is the problem here...

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket Pipelines

What We Learned When We Researched Open Source Vulnerabilities in 7 Popular Coding Languages

...hey are a part of us, shaping how we interact with the world around us. The same holds true for programming languages when we think about how different kinds of vulnerabilities raise their heads in t...

1,044 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you