Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Runner upgrade to 3.0

Peter September 8, 2024

Is there a possibility that this could lead to data exfiltration since runner now communicates directly with file storage in AWS S3


https://bitbucket.org/blog/bitbucket-pipelines-runner-upgrade-required

2 answers

1 vote
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 10, 2024

Hi Peter and welcome to the community!

AWS S3 is used to upload files that you define as artifacts in your bitbucket-pipelines.yml file:

or caches you define in your bitbucket-pipelines.yml file:

For every Pipelines step that downloads artifacts or cache, we have unique tokens that are used to authenticate with S3, so the artifacts and cache are not publicly accessible.

Kind regards,
Theodora

Peter September 17, 2024

Hi @Theodora Boudale 

Upload works but it's failing when other step is trying to download the artifact

Artifact "target/**": Downloading Artifact "target/**": Error downloading. Please contact support if this error persists.

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 18, 2024

Hi Peter,

We'll need to check the build logs and runner logs to investigate, so I suggest creating a ticket with the support team for this issue. The support ticket will be visible only to you and Atlassian staff, so anything you post there won't be publicly visible.

You can create a ticket via https://support.atlassian.com/contact/#/, in "What can we help you with?" select "Technical issues and bugs" and then Bitbucket Cloud as product. When you are asked to provide the workspace URL, please make sure you enter the URL of the workspace that is on a paid billing plan to proceed with ticket creation.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

0 votes
Peter September 8, 2024

Is there a possibility that this could lead to data exfiltration since runner now communicates directly with file storage in AWS S3

We're using self hosted runners

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events