I cannot push back to branch from pipelines.

Piotr Rotynski December 5, 2019

What am I missing as, in certain repositories, I cannot push back to branch from within the bitbucket pipeline?


I have taken the bitbucket-pipeline.yml from here.
https://confluence.atlassian.com/bitbucket/deploy-to-npm-967317547.html
And edited it for my purposes so it eventually looks like this (no npm publishing step or deployment)

image: node:10.15.1

pipelines:
  default:
    - step:
        name: Build and Test
        script:
          - npm install
          
    - step:
        name: Publish
        
        script:
          - npm version minor -m "Upgrade to %s [skip ci]"
          - git push && git push --tags

 

Everything works fine until I limit write permission to a single user. Than pipeline fails with error.


remote: Permission denied to update branch publishing.

This happens in the company bitbucket account. No such problem appears on my personal free bitbucket account.
In both cases

  • I created the repo myself. only for the sake of the experiment [however the company repo has additional owner field specified that equals to organization name]
  • I limited write permissions to one specific user (this is myself)
  • I've taken pipeline ssh and pasted it to ssh keys of the very user that has write access
  • Pasted key has never bees used

I followed these steps to do setup the ssh keys: (link : https://community.atlassian.com/t5/Bitbucket-questions/Problem-getting-BitBucket-Pipelines-to-commit-back-version/qaq-p/760022)

Probably the most straightforward order of operations would be:

  1. Create a bot user account in BB

  2. As a repo admin, give the bot user account write permission to the repository in Repo settings > general > user and group access
  3. Go into Repo settings > Pipelines > SSH keys

  4. Generate a key pair and then copy the public key (this is the key pipelines will use to identify itself)

  5. Switch to the bot account and navigate to Bitbucket settings >Security >  SSH keys

  6. Paste public key (we are giving the bot the same ID that we are using for pipelines)

 

In above steps I skipped creating bot account, I made myself 'the bot'. However, as in working solution, the key is never used I am not sure if it is anyhow connected.

 

 

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events