Hi,
We have 2 repos, one of them has bitbucket-pipelines.yml and other one has pipe.yml. So basically We're trying to use first one as an automation repo which pipeline is running, and second one as pipe repo. Both of them private and there is no authentication configuration between them. Both of them are in the same workspace. We realized that pipeline can use pipe repo without any kind of authentication whatsoever.
My questions are;
- How the authentication handled between these repos? Both of them are private, normally this kind of operation requires authentication. We have other pipeline repos that need code library repos and to be able to use libraries, we have an authentication configuration. This is working because of pipe?
- Is this behaviour restricted at workspace scope? If not, can people use others' private pipe repos without any authentication?
- In pipe step of the pipeline, there is a huge docker container run command which is taking so much environment variables, which one them is PIPELINES_JWT_TOKEN="$PIPELINES_JWT_TOKEN". Is this variable handling the authentication? There is no sign of that in variables & secrets document.
https://support.atlassian.com/bitbucket-cloud/docs/variables-and-secrets/
Best Regards,
Hi, @oguzhan, thank you for reaching out to Atlassian Community.
As we'll need to analyze your YAML file, I have created an internal ticket for you using the email of your community account, so you don't have to share this information here.
You should have received an email with a link to the support ticket. Just in case you haven't received it, please feel free to let me know and I can post the ticket URL here. The ticket will be visible only to you and Atlassian staff, no one else can view its contents even if they have the URL.
Please feel free to let me know if you have any questions.
Kind regards,
Caroline
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.