Extra args - SSH

benjamin January 6, 2025

 

Hello, sorry to be a bother but I'd like to submit more that one extra arg and having trouble doing so.

I'm having trouble connecting to my SSH server and need debugging on with the options.

I'd like to send these 3 or more Extra args

-vvv my.servers.ip.address

-o IPQoS=none

-o ControlMaster=auto

1 answer

0 votes
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2025

Hello @benjamin ,

Thanks for reaching out to the Community!

Based on your description, I assume you're using the pipe atlassian/ssh-run to access your SSH server. If that is not the case, we kindly ask you to share how you are executing the SSH command.

That being said, when using the pipe atlassian/ssh-run, you can provide additional arguments to the SSH command using the pipe's variable named EXTRA_ARGS. Following is an example of it's usage:

- pipe: atlassian/ssh-run:0.8.1
    variables:
      SSH_USER: '<user>'
      SERVER: '<IP>'
      MODE: '<mode>'
      COMMAND: '<command>' # 
      EXTRA_ARGS: '-o IPQoS=none -o ControlMaster=auto -vvv'

You can provide multiple arguments, that will be treated by the pipe as arguments to the ssh command executed under the hood.

Could you try that suggestion and let us know how it goes? 

For additional information and examples about that pipe, you can check its official documentation here.

Thank you, @benjamin !

Patrik S

benjamin January 9, 2025

yes we're using "- pipe: atlassian/ssh-run:0.8.1" and thank you that seemed to work!

The reason im trying to add the arguments is that we're have a terrible time logging into our local SSH server and i'm looking for debug to pinpoint.
My network team has allowed Atlasssian IP Addresses however we get the dreaded timeout error.

 

Do you know of a good resource to solve this issue ?

Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 9, 2025

Hello @benjamin ,

Great to hear the syntax has worked for the additional flags.

As for the timeout issue, this is usually associated with a firewall blocking the connection. I would recommend double checking with your network team if the correct IPs were allowed.

The documentation of Bitbucket Pipelines Cloud IP addresses is divided into two sections:

  • Section 1: Valid IP addresses for Bitbucket Pipelines build environments

    This section applies to 1x/2x step sizes (or 4x/8x steps that have not been explicitly flagged to use atlassian-ip-ranges). An exhaustive list of IP addresses from which the traffic may originate on AWS can be obtained by using the following endpoint. You should filter records where the service equals EC2 or S3, and focus on the us-east-1 and us-west-2 regions. However, we do not recommend using these IP ranges as a security control due to their broad nature.

  • Section 2: Atlassian IP Ranges

    This section pertains to steps specifically configured to use Atlassian IP ranges. These are applicable only to 4x and 8x size steps that have the atlassian-ip-ranges: true flag enabled. The step sizes 4x and 8x are only available for builds running under a paid Bitbucket Cloud plan (Standard or Premium)

To use the more restricted set of IPs (Section 2 above), I suggest adjusting your pipeline configuration to include the following:

pipelines:
default:
- step:
size: 4x
runtime:
cloud:
atlassian-ip-ranges: true
script:
- echo "This step will use atlassian-ip-ranges"
- pipe: atlassian/ssh-run:0.8.1
<rest of the configuration>

You can find more details in the documentation here: Runtime Step Options.

This configuration improves security by restricting the IP addresses utilized by Pipelines builds to the Atlassian IP ranges.

Thank you, @benjamin !

Patrik S

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin Site Admin
TAGS
AUG Leaders

Atlassian Community Events