Is there a possibility that this could lead to data exfiltration since runner now communicates directly with file storage in AWS S3
https://bitbucket.org/blog/bitbucket-pipelines-runner-upgrade-required
Hi Peter and welcome to the community!
AWS S3 is used to upload files that you define as artifacts in your bitbucket-pipelines.yml file:
or caches you define in your bitbucket-pipelines.yml file:
For every Pipelines step that downloads artifacts or cache, we have unique tokens that are used to authenticate with S3, so the artifacts and cache are not publicly accessible.
Kind regards,
Theodora
Hi @Theodora Boudale
Upload works but it's failing when other step is trying to download the artifact
Artifact "target/**": Downloading Artifact "target/**": Error downloading. Please contact support if this error persists.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Peter,
We'll need to check the build logs and runner logs to investigate, so I suggest creating a ticket with the support team for this issue. The support ticket will be visible only to you and Atlassian staff, so anything you post there won't be publicly visible.
You can create a ticket via https://support.atlassian.com/contact/#/, in "What can we help you with?" select "Technical issues and bugs" and then Bitbucket Cloud as product. When you are asked to provide the workspace URL, please make sure you enter the URL of the workspace that is on a paid billing plan to proceed with ticket creation.
Please feel free to let me know if you have any questions.
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is there a possibility that this could lead to data exfiltration since runner now communicates directly with file storage in AWS S3
We're using self hosted runners
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.