Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

BitBucket Pipelines and OpenVPN

Has anyone managed to get an OpenVPN client working within pipeline docker containers?

We have built our own image and tested locally and it works fine with docker command line option --cap-add=NET_ADMIN however it doesn't work within the BitBucket Cloud service as their docker containers don't seem to enable this option.

Any advice or alternate solutions much appreciated.

6 answers

2 votes

Hi Stuart,

Instead of using Service containers for OpenVPN clients, you can run your own docker containers manually in your build with the necessary CLI options.

pipelines:
default:
- step:
services:
- docker
script:
- docker run --cap-add=NET_ADMIN your-image:tag

Docker run docs: https://confluence.atlassian.com/bitbucket/run-docker-commands-in-bitbucket-pipelines-879254331.html

Please keep in mind that we have some security restrictions that will be applied, so you may be unable to attain all the necessary capabilities to still successfully run OpenVPN. If it's problematic, I'm unsure if there's any workarounds in Pipelines I can suggest. But see how you go. :)

Thanks,

Phil

Hi Phillip,

thanks a lot for the answer.

However it does not work like that, I just get an error "docker: Error response from daemon: authorization denied by plugin pipelines: --cap-add is not allowed."

Is there any other ways to connect to secured network from BB Pipeline?

Hi @Oleg Sigida 

Indeed. We don't allow any cap-add flags anymore for security reasons.

The only feedback I can offer is to follow this ticket: https://bitbucket.org/site/master/issues/12753/allow-customers-to-connect-the-pipelines

We'd like to explore this feature, but have received limited feedback at the moment. If you have time, can you fill out this survey? https://docs.google.com/forms/d/e/1FAIpQLSdzEBor1vVSxopOnLnTheJ_QoozXqn5i1JIL9KQW-h6g1wkaQ/viewform

Thanks,

Phil

Like Daniel Santos likes this

thanks! will have a look what options are possible

And the form is done

Having the same issue here.  Did you ever figure out a way to get pipelines to connect to a server behind a VPN?

Hi Michael,

We have an open feature request for VPN support here. I suggest you follow the ticket here for updates: https://bitbucket.org/site/master/issues/12753/allow-customers-to-connect-the-pipelines

Thanks,

Phil

Thanks @Philip Hodder
I'm now watching it.

I managed to find another solution for our needs using AWS CodeDeploy. Unfortunately they do not have an easy integration with bitbucket (only GitHub).

Stuart,

Any success with this method? We're in the same boat.

any success ?

Another bump here, i'm looking to run lighthouse within a container where this flag is used. Is there any progress or has anyone found workarounds?

it's cold here...

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Powering DevOps with Bitbucket Server & Data Center

Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster   ! While we’re all excited about the new improvements to Bitbucket ...

2,353 views 1 8
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you