How to set branch restriction allowed for bitbucket pipeline only?

Hello @Daniel Song ,

Welcome to the Community! 

Unfortunately, it's not currently possible to select the pipeline user when setting up the branch restrictions. We do have a feature request to implement this functionality, which you can find in the following link : 

• https://jira.atlassian.com/browse/BCLOUD-19136

I would encourage you to add your vote there to give it reactions and help our development team to understand the interest. Feel free to add yourself as a Watcher as well, so you will be notified whenever there's any update on that feature.

While that feature is not available, a possible workaround would be to create a new bitbucket account to act like a "bot" account that you can use as part of your pipeline to authenticate any git activity or API calls. You would need to grant that bot account permissions to your repository, and its use should also be available to be added to the branch restriction.

Then, you could create an App password under the bot account and use it along with the bot account's username as the credentials to authenticate the git push during your pipeline. The following command would need to be added to your pipeline's script, before the git push command, to set the new credentials to be used by git: 

git remote set-url origin "https://${BOT_USERNAME}:${BOT_APP_PASSWORD}@bitbucket.org/${BITBUCKET_WORKSPACE}/${BITBUCKET_REPO_SLUG}"

The example above consider the creation of Workspace or Repository variables named BOT_USERNAME and BOT_APP_PASSWORD that contains the credentials of the bot account. The variables BITBUCKET_WORKSPACE and BITBUCKET_REPO_SLUG are already populated by default (see Pipelines default variables)

Hope that helps! Let me know in case you have any questions.

Thank you, @Daniel Song !

Patrik S