Bitbucket Webhook to Jenkins returns 503

Vincent Roggero January 2, 2019

I have a webhook set up at http://54.226.220.191:8080/bitbucket-hook/. When Bitbucket sends the webhook I'm getting a 503 response. Jenkins is installed on a Windows Server. I'm able to get to my Jenkins install just fine from http://54.226.220.191:8080.

2 answers

0 votes
Nihar Amin December 29, 2020

I am running into the same issue, i keep getting 503 error from Bitbucket to Jenkins webhook.  i have whitelisted all outbound IP's listed in this document https://support.atlassian.com/bitbucket-cloud/docs/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall/

Any suggestions? 

Thank you in advance

0 votes
jredmond
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 2, 2019

Does your Jenkins system permit inbound requests from Bitbucket's IPs?

Vincent Roggero January 2, 2019

I have the following inbound firewall rule;

Protocols/Ports:

- TCP 8080

Scope: 

- Remote IP address

18.205.93.0/25
18.234.32.128/25
13.52.5.0/25


Here is the webhook request log info;

Type: repo:push
Event time: a few seconds ago (Wednesday, January 2nd 2019, 2:43:24 pm)
Request attempts: 1 (retry pending)
Response from http://54.226.220.191:8080/bitbucket-hook/
HTTP status: 503
Elapsed time: 5974ms
Request time: a few seconds ago (Wednesday, January 2nd 2019, 2:43:30 pm)

Headers
Content-Length    3162
Via    1.1 ip-10-125-126-79.net.atlassian.com (squid)
X-Cache    MISS from ip-10-125-126-79.net.atlassian.com
Content-Language    en
X-Squid-Error    ERR_CONNECT_FAIL 110
X-Cache-Lookup    MISS from ip-10-125-126-79.net.atlassian.com:8080
Vary    Accept-Language
Server    squid
Connection    keep-alive
Date    Wed, 02 Jan 2019 19:56:55 GMT
Content-Type    text/html;charset=utf-8
Mime-Version    1.0

Like Deleted user likes this
jredmond
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 2, 2019

Those are the inbound addresses - what Jenkins would use if it connects *to* Bitbucket. You need to whitelist the outbound addresses, since webhooks are connections *from* Bitbucket.

Like nruiz likes this
Vincent Roggero January 2, 2019

I've found bitbucket ip's here. 

https://confluence.atlassian.com/bitbucket/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall-343343385.html?_ga=2.43109797.1827149579.1546449118-56698773.1545853230&_gac=1.184167954.1546193145.EAIaIQobChMIwryjrpHI3wIVBC1pCh3gZAMOEAAYASAAEgK_YvD_BwE

Are you saying to add the following as an inbound firewall rule on my windows server? I tried this and still get the same 503.

  • 104.192.136.0/21
  • 34.198.203.127
  • 34.198.32.85

Also, this is an AWS EC2 instance. I tried adding the above IPs to the security group as All TCP,  104.192.136.0/21, 34.198.203.127/32, 34.198.32.85/32 (added /32 to end of last two).

Like nicnei likes this
Vincent Roggero January 2, 2019

I'm getting closer. I added another rule to my AWS inbound security group;

All TCP, Any IP

 

I now get status 200 but am concerned with this rule since it allows any IP.

Deleted user August 29, 2019

Interesting! I am having the same issue, @Vincent Roggero did you manage to understand what IPs you had to whitelist? I have added the one published by bitbucket but didn't have any luck

Deleted user October 4, 2019

If you use aws check the security group.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events