We have a repository which hosts the code for our documentation server. Whenever one of our projects is updated, we run a pipeline to generate the documentation based on the latest code, push it to the documentation repository, and deploy it to the server from there.
The solution we are currently using relies on git to pull and push code from one repository to another. However, this requires SSH authentication, which in turn requires some hacky abuse of user SSH:
We would like to do this in a way that does not require a specific user, but the alternatives I can think of have their own downsides:
Store the SSH keys in workspace variables and copy them to the required places during the pipeline.
Cons:
Set up an API token in a workspace variable and use a script to loop over files you want to push/pull
Cons:
Overall, it seems silly to use the API for handling tasks that git does so well. But there does not seem to be a good mechanism to authenticate between Bitbucket repositories.
What is the recommended way to move code between repositories?
Thanks,
Chris
Hey Chris!
By reading through the description of your use case, I would recommend leveraging Repository Access Tokens (RATs) as the authentication for the git command.
Repository Access Tokens are attached to a repository, not to a specific user, and can be configured to have a limited scope (specified during creation). They are particularly useful when you need to authenticate your scripts or CI/CD tools.
So my suggestion, in this case, would be to follow the below sequence of steps :
git clone https://x-token-auth:$BB_REPO_TOKEN@bitbucket.org/{workspace}/{destination_repository}.git
cd {destination_repository}
git config user.email "${BB_REPO_BOT_ID}@bots.bitbucket.org"
git push
You can try using the suggestion above and let us know how it goes.
For more details about Repository Access token, you're also welcome to check our documentation on that topic :
Hope that helps! If you have any questions, let me know.
Thank you, @Christof Koegler _Gaims GmbH_ !
Patrik S
Hi Patrik,
Thanks for your answer - this is exactly what I was looking for!
I do feel embarrassed, as the documentation contains all the necessary information, and I looked at RATs as an option before posting here. However, I completely missed the 'other three pages' on RATs, interpreting the links on the top right as anchors on page one rather than separate pages. That lead me to believe that RATs can only be used with the API.
In case I am not the only one with that particular blind spot: I think it would have helped me if there was some kind of navigation to the next page at the bottom of the first. Maybe something like: Up next: Repository Access Token Permissions. Or maybe a 'Page 1 of 4' somewhere at the top.
Or maybe I just need to learn to read. Thanks for your help!
With best regards
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What about using REST apis ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.