Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Only allow pipeline to push into master?

We are using semantic release in our pipeline which means that after merging a branch the pipeline has to push a new commit with a version tag. This seems to be only possible if Everybody is allowed to push to master which we do not want.

Is there a way to explicitly allow the pipeline to push to master?

2 answers

Hi Christoph,

Could you explain in a bit more detail why everyone would need permission to push to master in your current setup?

Unfortunately Pipelines doesn't yet have a great solution for pushing back to the repository and the resources for working out how to do so are fragmented but I believe it should be possible to do what you want using ssh keys and environment variables.

https://confluence.atlassian.com/bitbucket/use-ssh-keys-in-bitbucket-pipelines-847452940.html

https://bitbucket.org/site/master/issues/13213/push-back-to-remote-from-pipelines

I'll see if I can do something about creating a more cohesive guide for how to do this.

Cheers,
Steven

Hi Steven,

when using semantic release the pipeline has to be able to push a new commit containing the version tag after a branch has been merged into master. This works as long as the master has no push restrictions. Since the pipeline uses an anonymous ssh key we cannot explicitly allow the pipeline to exclusively push to master short of spending the money to create a pipeline user. 

This leaves us with the option to not push to master as a policy which went wrong once already.

Ok thanks for clarifying. I'm not aware of a way to do this currently without creating a separate user account for use by the pipeline. If you like you can create a feature request here: https://bitbucket.org/site/master/issues

 

Highly voted feature requests are an important source of information for us when planning new features.

what worked for me
1) create a dedicated user for BB Pipeline, f. ex ROBOT

2) create private and public ssh keys for it, update the user with the key

3) go to settings->branch permission-> add -> branch name: master; merge via PR : ROBOT or write access: ROBOT (depends on what you actually want); make sure nobody else has access

4) go to settings-> SSH keys (under pipeline settings) -> use my own keys -> add private and public key of the ROBOT from step 2

now very easy, but worked for me

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket Pipelines

What We Learned When We Researched Open Source Vulnerabilities in 7 Popular Coding Languages

...hey are a part of us, shaping how we interact with the world around us. The same holds true for programming languages when we think about how different kinds of vulnerabilities raise their heads in t...

1,227 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you