Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to mount certificates volume in pipeline service

Nick Paton
Nick Paton
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 23, 2023

Hello! I have a pipeline where I need to run a database with test certificates as there are tests that verify that the client is able to connect via TLS.

 

The test certificates are in a tests/tls folder in the repo. and I am running the db (redis) as a service in the pipeline.

 

The redis container starts up, and the env vars are passed in, but I can see in the logs that it is unable to locate the certificates.

redis 11:51:18.64 ERROR ==> The X.509 certificate file in the specified path /src/tests/tls/redis.crt does not exist

 

What is the correct process to mount a volume to a service container?

 

Here is my bitbucket-pipelines.yaml file:

 

image: node:18

definitions:
  services:
    redis:
      image: docker.io/bitnami/redis
      variables:
        ALLOW_EMPTY_PASSWORD: 'false'
        REDIS_PASSWORD: $REDIS_CLIENT_PASSWORD
        REDIS_TLS_CERT_FILE: /src/tests/tls/redis.crt
        REDIS_TLS_KEY_FILE: /src/tests/tls/redis.key
        REDIS_TLS_CA_FILE: /src/tests/tests/tls/ca.crt
        REDIS_TLS_ENABLED: 'yes'
        REDIS_PORT: '6379'
        REDIS_TLS_PORT: '6378'
      ports:
        - 6379:6379
        - 6378:6378
      volumes:
        - $BITBUCKET_CLONE_DIR:/src
  steps:
    - step: &npm-install
      name: Install dependencies
      caches:
        - node
      script:
        - npm install
pipelines:
  default:
    - step: *npm-install
  - parallel:
    - step:
      name: Build and Test
      services:
        - redis
      caches:
        - node
      script:
        - npm test
...
Answer
Watch
Like Be the first to like this
394 views

1 answer

1 accepted

1 vote
Answer accepted
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 24, 2023

Hello @Nick Paton and thank you for reaching out to Community!

Unfortunately, volume mounting on service containers is not available in Bitbucket Pipelines at this point.

However, you can manually start the service container using the docker service. This allows you to run docker commands as part of your build, and one of the available commands is docker run, which can be used to start new containers. Using docker run will make it possible to pass any variables and mount the volumes you want to use inside this second container.

Following is an example of docker run to start a service, doing port mapping, passing variables, and mounting a volume :

docker run -p <port mapping> -e VAR1="VAR_VALUE" -v <volume to mount inside the service container> <image> <arguments to pass to service container>

It's important to note though, that for security reasons pipelines only allow volume mounting of files/folders inside the $BITBUCKET_CLONE_DIR directory.

Below is an example YML file where a Redis "service" container is manually started using the docker run command : 

image: atlassian/default-image:3
pipelines:
  default:
      - step:
          name: Manually starting redis service
          script:
            - docker run --name redis -p 6379:6379 -p 6378:6378 -e ALLOW_EMPTY_PASSWORD="false" -e REDIS_PASSWORD="$REDIS_CLIENT_PASSWORD" -v $BITBUCKET_CLONE_DIR:/src redis:latest
            - sleep 30 #wait for 30 seconds for the service container to have enough time to start 
            - <rest of your step commands>
          services:
           - docker #define that this step will use docker service

and the clone directory  $BITBUCKET_CLONE_DIR is mounted as a volume inside the redis container into the /src folder.

For further details, I've recently authored an article on how to use that approach to pass arguments to service containers, but that should be similar when using volumes, so it might also be of help :

Let me know in case you have any questions :)

Thank you, @Nick Paton !
Patrik S

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events