In my Bitbucket Pipelines build, I want to delete a branch using
git push origin --delete $BITBUCKET_BRANCH
But then I get the following error:
Pipelines: Authentication failed for 'https://x-token-auth:{access_token}@bitbucket.org/.../'
How can I set up my Pipelines build so that it can push to origin?
I assume one could generate an SSH key, put that inside the docker image (or inside the repo, encrypted) and add that to a Bitbucket account. However, I guess there may be an easier way you guys had in mind for this scenario.
After looking at my old comment and trying to figure it out now. I've found that the way I suggested above is most likely very insecure as anyone with access to the repo can use all priviledges of your account and as long as they have write priviledge in your repo. For a more secure way this article should hopefully help you or anyone else with this problem: https://confluence.atlassian.com/bitbucket/push-back-to-your-repository-962352710.html#OAuth
As an example it has the following first way below to push changes to a repo, note that the commit message has `[skip ci]
` at the beggining. I think adding the `[skip ci]` at the beggining of the commit message is one of the important ways to push properly to your own repo within bitbucket pipelines as outlined in the above docs speaking of the [skip ci] message it says:
Use
[skip ci]
when you are pushing back to your repository. This will stop pipelines triggering on the new commit and avoid an eternal loop!
pipelines:
default:
- step:
script:
- echo "Made a change in build ${BITBUCKET_BUILD_NUMBER}" >> changes.txt
- git add changes.txt
- git commit -m "[skip ci] Updating changes.txt with latest build number."
- git push
And since the original question was asking how to delete a branch I provide the below code that will delete a branch named FOO.
pipelines:
default:
- step:
script:
- echo "Made a change in build ${BITBUCKET_BUILD_NUMBER}" >> changes.txt
- git add changes.txt
- git commit -m "[skip ci] Updating changes.txt with latest build number."
- git push
origin --delete FOO
Add this to your pipelines - git remote set-url origin https://{bitbucket_username}:{bitbucket_password}@bitbucket.org/../
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
EDIT AND WARNING: Looking back on this now I know that this is probably a very insecure way to do this as it says when you set these variables anyone with write access to any of your repos has access to these variables. See my answer over here for a more up to date/secure way to push to your repo.
If you do this you would want to make sure your bitbucket_username and bitbucket_password are in environment variables that are marked as secure in your link like so.
https://$BITBUCKET_USERNAME:$BITBUCKET_PASSWORD@bitbucket.org/../
and then add BITBUCKET_USERNAME and BITBUCKET_PASSWORD as environment variables in your repo's or the account that own's the repo's settings under Environment variables. When setting these environment variables you can select them to be secure by checking a check box. This will prevent someone from seeing them as output in the pipeline's log.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
How can I do to hide my BITBUCKET_USERNAME and BITBUCKET_PASSWORD?
Because I setted as secure and tried to print in screen:
- echo $BITBUCKET_USERNAME
And returned an empty string
I tried to add this:
git remote set-url origin "https://$BITBUCKET_USERNAME:$BITBUCKET_PASSWORD@bitbucket.org/$BITBUCKET_REPO_FULL_NAME.git"
And doesnt work :/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Renato Cassino after researching a bit I have found there is a much better way to do this than I previously suggested. Checkout my answer here on this question. Anyways hope that helps you. :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Unfortunately not. I suspect one could do something with OAuth tokens, but I can't seem to find information for this exact use case.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jens, did you ever figure this out? I'm experiencing this same thing...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.