Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How to mount certificates volume in pipeline service

Nick Paton
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 23, 2023

Hello! I have a pipeline where I need to run a database with test certificates as there are tests that verify that the client is able to connect via TLS.

 

The test certificates are in a tests/tls folder in the repo. and I am running the db (redis) as a service in the pipeline.

 

The redis container starts up, and the env vars are passed in, but I can see in the logs that it is unable to locate the certificates.

redis 11:51:18.64 ERROR ==> The X.509 certificate file in the specified path /src/tests/tls/redis.crt does not exist

 

What is the correct process to mount a volume to a service container?

 

Here is my bitbucket-pipelines.yaml file:

 

image: node:18

definitions:
services:
redis:
image: docker.io/bitnami/redis
variables:
ALLOW_EMPTY_PASSWORD: 'false'
REDIS_PASSWORD: $REDIS_CLIENT_PASSWORD
REDIS_TLS_CERT_FILE: /src/tests/tls/redis.crt
REDIS_TLS_KEY_FILE: /src/tests/tls/redis.key
REDIS_TLS_CA_FILE: /src/tests/tests/tls/ca.crt
REDIS_TLS_ENABLED: 'yes'
REDIS_PORT: '6379'
REDIS_TLS_PORT: '6378'
ports:
- 6379:6379
- 6378:6378
volumes:
- $BITBUCKET_CLONE_DIR:/src
steps:
- step: &npm-install
name: Install dependencies
caches:
- node
script:
- npm install
pipelines:
default:
- step: *npm-install
- parallel:
- step:
name: Build and Test
services:
- redis
caches:
- node
script:
- npm test
...

1 answer

1 accepted

1 vote
Answer accepted
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 24, 2023

Hello @Nick Paton and thank you for reaching out to Community!

Unfortunately, volume mounting on service containers is not available in Bitbucket Pipelines at this point.

However, you can manually start the service container using the docker service. This allows you to run docker commands as part of your build, and one of the available commands is docker run, which can be used to start new containers. Using docker run will make it possible to pass any variables and mount the volumes you want to use inside this second container.

Following is an example of docker run to start a service, doing port mapping, passing variables, and mounting a volume :

docker run -p <port mapping> -e VAR1="VAR_VALUE" -v <volume to mount inside the service container> <image> <arguments to pass to service container>

It's important to note though, that for security reasons pipelines only allow volume mounting of files/folders inside the $BITBUCKET_CLONE_DIR directory.

Below is an example YML file where a Redis "service" container is manually started using the docker run command : 

image: atlassian/default-image:3
pipelines:
  default:
      - step:
          name: Manually starting redis service
          script:
            - docker run --name redis -p 6379:6379 -p 6378:6378 -e ALLOW_EMPTY_PASSWORD="false" -e REDIS_PASSWORD="$REDIS_CLIENT_PASSWORD" -v $BITBUCKET_CLONE_DIR:/src redis:latest
            - sleep 30 #wait for 30 seconds for the service container to have enough time to start
            - <rest of your step commands>
          services:
           - docker #define that this step will use docker service

and the clone directory  $BITBUCKET_CLONE_DIR is mounted as a volume inside the redis container into the /src folder.

For further details, I've recently authored an article on how to use that approach to pass arguments to service containers, but that should be similar when using volumes, so it might also be of help :

Let me know in case you have any questions :)

Thank you, @Nick Paton !
Patrik S

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events