Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How does Bitbucket connect through a corporate firewall when the runner is on a company network?

Illya Kuzmych
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 8, 2023

I am using a Bitbucket runner for some work, as a library that is necessary for the pipeline is hosted on the company's private server, and a runner is one of the methods I can use to gain access and use those libraries.

Some security concerns arose regarding how Bitbucket gains access to my computer through a corporate firewall, and through what encryption/authentication method is it able to do so?


Thanks, hopefully this question is clear.

1 answer

1 accepted

3 votes
Answer accepted
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 10, 2023

Hi Illya,

So Pipelines will communicate through our Stargate API to establish a connection with your runner (so that it can communicate to your private IP address).
Once it has established a connection - it uses websocket rather than HTTP to maintain the connection between client/server.

For the connectivity  described above, you would need to have inbound whitelisting configured for our IP addresses as follows to establish the initial connection:

Once established, Pipelines will communicate between your local Runner and the Bitbucket Cloud UI via this websocket where commands are sent to be executed by either the container running on a Kubernetes pod (Pipelines) or self-hosted infrastructure (Runners).

The build status updates are then returned back in the same manner based on the success of those command executions.

Hope this helps.


- Ben (Bitbucket Cloud Support)

keewan lew October 10, 2023

Can this apply for pocketquery?

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events