I have a webhook set up at http://54.226.220.191:8080/bitbucket-hook/. When Bitbucket sends the webhook I'm getting a 503 response. Jenkins is installed on a Windows Server. I'm able to get to my Jenkins install just fine from http://54.226.220.191:8080.
I am running into the same issue, i keep getting 503 error from Bitbucket to Jenkins webhook. i have whitelisted all outbound IP's listed in this document https://support.atlassian.com/bitbucket-cloud/docs/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall/
Any suggestions?
Thank you in advance
Does your Jenkins system permit inbound requests from Bitbucket's IPs?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have the following inbound firewall rule;
Protocols/Ports:
- TCP 8080
Scope:
- Remote IP address
18.205.93.0/25
18.234.32.128/25
13.52.5.0/25
Here is the webhook request log info;
Type: repo:push
Event time: a few seconds ago (Wednesday, January 2nd 2019, 2:43:24 pm)
Request attempts: 1 (retry pending)
Response from http://54.226.220.191:8080/bitbucket-hook/
HTTP status: 503
Elapsed time: 5974ms
Request time: a few seconds ago (Wednesday, January 2nd 2019, 2:43:30 pm)
Headers
Content-Length 3162
Via 1.1 ip-10-125-126-79.net.atlassian.com (squid)
X-Cache MISS from ip-10-125-126-79.net.atlassian.com
Content-Language en
X-Squid-Error ERR_CONNECT_FAIL 110
X-Cache-Lookup MISS from ip-10-125-126-79.net.atlassian.com:8080
Vary Accept-Language
Server squid
Connection keep-alive
Date Wed, 02 Jan 2019 19:56:55 GMT
Content-Type text/html;charset=utf-8
Mime-Version 1.0
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Those are the inbound addresses - what Jenkins would use if it connects *to* Bitbucket. You need to whitelist the outbound addresses, since webhooks are connections *from* Bitbucket.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I've found bitbucket ip's here.
Are you saying to add the following as an inbound firewall rule on my windows server? I tried this and still get the same 503.
Also, this is an AWS EC2 instance. I tried adding the above IPs to the security group as All TCP, 104.192.136.0/21, 34.198.203.127/32, 34.198.32.85/32 (added /32 to end of last two).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'm getting closer. I added another rule to my AWS inbound security group;
All TCP, Any IP
I now get status 200 but am concerned with this rule since it allows any IP.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Interesting! I am having the same issue, @Vincent Roggero did you manage to understand what IPs you had to whitelist? I have added the one published by bitbucket but didn't have any luck
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you use aws check the security group.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.