Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,467,172
Community Members
 
Community Events
177
Community Groups

How to give repo level write permission to ssh user

I connect Bitbucket from my Jenkins pipeline using ssh. I need to push some code to my repository from pipeline. If I give write permission to "Everybody" then push is working. But I want to restrict write permission only to this ssh user. there is no option to select ssh user in "Branch Permission" section of the repository settings.

 

bitbucket branch permissions.png

1 answer

1 accepted

0 votes
Answer accepted

Hi @Chetan Korat and welcome to the community.

In the branch permissions dialog, you can grant access to certain Bitbucket users or user groups of the workspace only, it is not possible to grant access to a certain SSH key pair.

Is the SSH key pair you use for Jenkins added to
- a certain Bitbucket user?
- or a Bitbucket workspace (from workspace Settings > SSH keys)?

If this SSH key is added to a workspace instead of a user, then I'm afraid that it is not possible to add the workspace to branch permissions, as the workspace is a container for the repositories and not an actual user. If you'd like to make use of branch permissions, you will need to use an SSH key pair that is associated with a Bitbucket user with access to the repo, and then add this user in branch permissions.

We have a feature request to support SSH key specific branch permissions:

If you'd be interested in that, I would suggest adding your vote there (by selecting the Vote for this issue link) as the number of votes helps the development team and product managers better understand the demand for new features. You are more than welcome to leave any feedback, and you can also add yourself as a watcher (by selecting the Start watching this issue link) if you'd like to get notified via email on updates.

Implementation of new features is done as per our policy here and any updates will be posted in the feature request.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

Thanks a lot for your quick reply. This was indeed the problem. My SSH Key was added at workspace level. Added a new key at user level, gave that user repo access and it worked.

Kind regards,

Chetan

You are very welcome Chetan, please feel free to reach out if you ever need anything else!

Kind regards,
Theodora

Hi Theodora,

I don't think adding the ssh key to a specific user is solution, what if the user leaving the company and the account is closed?

On the other hand you can create jenkins bitbucket user for that purpose, but that required email address, verification, and all the fun.

I should be able to give write permissions to ssh users, I don't see any reason why it blocked by design.

 

 

Regards,

Avishay

Hi Avishay,

The account added in branch permissions can be either a user's account or a dedicated account for Jenkins.

An additional account for Jenkins would count as an extra user for the workspace since billing is per user.

If someone wants to avoid the cost of an extra user, they can use an existing user's account. As you said, if the user leaves the company and the account is closed then it would need to be replaced with another account.

Please make sure to add your vote and any feedback to the feature request since you'd be interested in that feature https://jira.atlassian.com/browse/BCLOUD-20047, as this is where our product managers check for feedback.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events