You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
We use the list of IP addresses that bitbucket publishes of "Valid IP addresses for Bitbucket Pipelines build environments" in our firewall. A few days ago we started to see pipelines fail because they were being denied connections.
After some investigation, we found that some runners seem to get IP addresses that are not in the list.
For example, yesterday we saw a runner get the IP 10.39.157.242/32, which is not in the list.
Anyone else seeing this? Anyone at Atlassian care to update the list of IP addresses?
Please see the documentation below for runners:
What IP address do I need to whitelist to get Runner to work?
Refer to the list of the IP addresses that you need to whitelist to get your runner connected with Pipeline behind your firewall.
It's also advisable to whitelist the following IPs here if there's an issue with your runner build.
Thanks for you answer, but unfortunately this doesn't quite address my question. My question is about the IP addresses that the bitbucket-provided runners use. In my question I've linked to the list that bitbucket publishes, but the problem is that this list only cover the IPv4 addresses, and does not include the IPv6 addresses. Where can I find the IPv6 address list?
The list of "Valid IP addresses for Bitbucket Pipelines build environments" is for Pipelines builds that run in our own infrastructure, in case you need to make requests from these Pipelines builds to one of your servers that is behind a firewall.
For runners, you need to whitelist the IPs mentioned on this page https://ip-ranges.atlassian.com/, which also includes IPv6 addresses.
Yes, I'm talking about pipelines that run in your infrastructure. Not pipelines that run in mine.
The "Valid IP addresses for Bitbucket Pipelines build environments" page lists IPv4 addresses, but not IPv6 addresses. However those environments have IPv6 connectivity, so we need to know what those IPv6 address ranges are so we can allow them to connect to the services they need.
Thank you for the clarification. You mentioned 'runner' several times in your question, which made me think that you are using Bitbucket Runners where Pipelines builds run in the customer's infrastructure.
I'm afraid that Bitbucket Pipelines that run in our own infrastructure do not support IPv6 at the moment. We have a feature request to support IPv6:
It has been closed due to inactivity, but I would suggest you still add your vote and leave a comment there, as our product managers continue to monitor even closed requests.
I will reach out to the development team regarding this, I would like to ask if you could please provide me the following info:
I checked with our development team and we haven't made any changes to provide IPv6 connectivity to Pipelines build environments. We would need to know the timeframe you experienced this issue as well as check the logs for these failed Pipelines builds in order to further investigate.
I went ahead and created a support ticket for you using the email of your community account, you should have received an email with a link to the support ticket. This ticket is visible only to you and Atlassian staff.
I would like to ask if you could please leave a comment on that ticket and let us know:
- the timeframe you experienced these issues
- the URL of one of the failed builds you've had
- any info about where you see IPv6 connectivity in those builds
If you have any questions, please feel free to let me know.
Ok, I've realised that the IP 10.39.157.242 is in the 10.0.0.0/24 network, which is obviously a local network address space. So clearly there's some kind of routing or NAT going on internally within bitbucket for outgoing connections.
Now investigating whether the connection is trying to go out on IPv6 instead of IPv4. The page I linked to above doesn't list any outgoing IPv6 address spaces though, which is a shame...