Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What is the easiest way to deploy an bitbucket pipeline artifacts to a remote server

Srikanth Mamidala
Srikanth Mamidala July 2, 2021

I have been looking at the documentation most of the documentation explains. 

Here are my requirements

1. java project

2. pipeline uses custom image (with ssh installed)

3. create artifact jar, ear or whatever 

4. Deploy that artifact to a remote servers (QA, TST and PROD) via ssh. 

 

step 4 is where I am struggling with. Followed this document but I am struck at Step 2: Update the known hosts while I get an error as "unable to fetch fingerprints ....." 

I am unsure of step 3 should I be adding known hosts file to the remote server or my custom docker image. I believe its remote server but then how does my custom docker image talk to the remote host? 

Is there any documentation on of easy way to deploy the artifact to a remote server. 

Answer
Watch
Like Be the first to like this
1809 views

1 answer

0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 6, 2021

Hi @Srikanth Mamidala ,

Regarding the error "unable to fetch fingerprints", is the server you want to deploy to behind a firewall? If so, you may need to whitelist the IP addresses listed on the following page, for the server to be able to communicate with Bitbucket:

Your network administrator may need to make specific network configuration changes to permit SSH connectivity from your server to Bitbucket.

I am unsure of step 3 should I be adding known hosts file to the remote server or my custom docker image. I believe its remote server but then how does my custom docker image talk to the remote host?

The public key should be added to your remote server (not your custom image). If you have generated an SSH key pair from this repo's Repository settings > SSH keys (or if you have added one there yourself), the private SSH key will be available in your Pipelines builds and the public key will exist on your remote server, so you'll be able to ssh from the Pipelines build to your server.

 

We have certain pipes that deploy to a remote server using SSH. If you set up SSH keys as per the documentation you mentioned, you can use one of these pipes in your bitbucket-pipelines.yml file to deploy to your server:

If your remote server has FTP, another option would be to use the following pipe to deploy via FTP (instead of SSH):

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

View More Comments
Srikanth Mamidala
Srikanth Mamidala July 6, 2021

Hello @Theodora Boudale  thank you for detailed answers. I was able to setup the connection using SCP but using a public IP only. Is there a way to enable pipelines connections for the private Ips? 

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 6, 2021

Hi @Srikanth Mamidala,

Thank you for the update, it's good to hear that you managed to set it up with SCP.

I don't believe that it is possible to use a private IP address, as private IP addresses are used within a local network. Bitbucket Pipelines needs to be able to reach your server over the internet and this can be done with a public IP address.

Kind regards,
Theodora

Like
Srikanth Mamidala
Srikanth Mamidala July 6, 2021

Got it thank you. But there may be use cases similar to mine for others as well, whats the ideal Atlassian suggested workaround for these situations? Use a jump box or something? if use a jumpbox which pipe would support that 

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 9, 2021

Hi @Srikanth Mamidala, please allow me to check with my team regarding your last question and I'll get back to you on that.

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 14, 2021

Hi @Srikanth Mamidala,

Thanks for your patience as we've been looking into this.

It should actually be possible to deploy to one of your local machines that doesn't have access to the internet with the scp-deploy pipe, using a jumpbox.

  • You will need to add the Pipelines public SSH key to the authorized_keys of both the jump server and the machine you will be deploying to
  • You will need to add the address of the jump server in the 'Known hosts' of the repo (in the page Repository settings > SSH keys)

The pipe should then be configured as follows:

pipelines:
  default:
    - step:
        script:
          - pipe: atlassian/scp-deploy:1.1.0
            variables:
              USER: <USER>
              SERVER: <PRIVATE_IP>
              REMOTE_PATH: <REMOTE_PATH>
              LOCAL_PATH: '*'
              DEBUG: 'true'
              EXTRA_ARGS: ['-o', 'ProxyJump <JUMP_SERVER_ADDRESS>:<SSH_PORT>', '-o', 'StrictHostKeyChecking=no', '-o UserKnownHostsFile=/dev/null']

So this is possible by using the ProxyJump argument of the scp command, and also by using the options 'StrictHostKeyChecking=no' and '-o UserKnownHostsFile=/dev/null'. You need to also make sure that the jump server can communicate with the local machine you want to deploy to.

Some other suggestions we can make apart from the above setup:

- You can use a proxy server, deploy there with the pipe, and configure the proxy server to redirect the traffic to one of the machines in your local network

- You can also explore using Bitbucket Pipelines Runners, which can be run in your own network infrastructure and run your deployment there:

https://community.atlassian.com/t5/Bitbucket-Pipelines-articles/Bitbucket-Pipelines-Runners-is-now-in-open-beta/ba-p/1691022

Kind regards,
Theodora

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events