Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Possible to add a single workspace SSH key for many pipeline deployments?

bobby j August 15, 2022

I have a server with many different projects running on it, and am wondering if there's a way to configure an SSH user at the workspace level to run deployments.

It's a pain to generate a new key for each repo and add to authorized_keys for my deployment user, and if I ever needed to invalidate those keys, I would need to go through every repo and generate a new one.

I'm just hoping there's an easier way to do this. The other alternative I thought of was to save a key as a workspace environment variable, and then pass it to the various pipelines that way, but it seems there are security issues with this method, so I was hoping to avoid it.

 

Thanks in advance!

1 answer

0 votes
Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 16, 2022

Hello, @bobby jenrow 

G'day.

Is your repositories under the same Workspace "bitbucket.org/<WorkspaceId>"?

If yes, I believe you can add the SSH key on your Workspace level, allowing the SSH key to be used with all repositories under your Workspace.

You can find these settings under the Workspace settings SSH key  or access it at the following URL by changing the Workspace ID with yours:

https://bitbucket.org/<WorkspaceID>/workspace/settings/ssh-keys

Cheers,
Syahrul

bobby j October 4, 2023

Hey @Syahrul ,

 

Thanks for the response. 

 

It seems like these are for accessing the bitbucket server, not for use in pipelines. Am I wrong here?

Do y'all have documentation on how this would work?

Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 4, 2023

Hey @bobby jenrow 

This is for Bitbucket cloud and not the server.

May I know your expected workflow here so I can better advise you? Details such as cloning the repository and deploying to another repository etc?

Regards,
Syahrul

Like Sabine Mayer likes this
bobby j October 5, 2023

I want to deploy any number of repositories to a single server that I control.

In order to do that with pipelines, I set up an SSH key in each repository, register the ip address / fingerprint, and use it within my Bitbucket pipelines file. Then I need to go to my server and add the public key to my deployment user's ~/.ssh/authorized_keys

It would be nice to be able to set the SSH key up as a workspace variable that can be used from any bitbucket pipeline yml within the workspace. This way, when we migrate servers, we don't have to go back  into each repo individually and update the project with a new key.

Like Sabine Mayer likes this
Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 5, 2023

Thanks @bobby jenrow 

You can use workspace variables to add the utilise that can be utilised with all pipeline builds within your workspace. You can find them at

https://bitbucket.org/<WorkspaceName>/workspace/settings/pipelines/account-variables

However, it's important to note that currently, there is no single SSH key for workspace-level usage that can be employed across multiple pipelines. The SSH key provided under workspace settings is primarily intended for pushing changes to Bitbucket and is not meant for deployment purposes.

Therefore, I recommend utilizing the workspace variables for your current needs.

Regards,
Syahrul

bobby j October 6, 2023

@Syahrul That makes sense to me. Thanks!

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events