You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
As part of a build process in Jenkins, we generate some IDs that need to be written back to a repository. Everything works fine until I try to push the commit with the new IDs back to the origin (bitbucket) on the main or production branches, which have branch restrictions to limit direct commits.
The Jenkins build uses a Repository Access Token to interact with the repo. I have tried to add that token to the "Only specific people or groups have write access" for the branch, but the e-mail, ID, etc. are not accepted as valid values.
Is there a way I can grant that token access to directly write to those branches? If not, is there another workaround I can use?
The specific error I'm getting (URLs removed):
+ git push origin
remote: Permission denied to update branch main.
To <Repo>
! [remote rejected] main -> main (pre-receive hook declined)
error: failed to push some refs to '<Repo>'
The original looks like this:
git clone https://x-token-auth:<token>@bitbucket.org/<repo>
I also run the line
git config user.email <token-id>@bots.bitbucket.org
Hello @Jake Esau ,
Thank you for reaching out to Atlassian Community!
Unfortunately, it's currently not possible to add the RAT "user" to branch restrictions. We do have a feature request to implement that functionality though, which you can access in the following link :
I would suggest you to add your vote there, since this helps both developers and product managers to understand the interest. Also, make sure you add yourself as a watcher in case you want to receive first-hand updates from that ticket. Please note that all features are implemented with this policy in mind.
As for the workaround, since only users with valid bitbucket account can be added to branch restriction, you can think of the following options
In case you don't want those credentials attached to a person on your team, you can create a new bitbucket account to be used as a "bot account", and create the App password or SSH key under that "bot" account and grant that account access to the repositories.
Hope that helps! Let me know in case you have any questions.
Thank you, @Jake Esau !
Patrik S
Wish the answer was "Yes and here's how to do it" but at least I'm not the only one that wants it. I've added my vote to that request, I would suggest anyone else reading this do the same.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.