I want to give the bitbucket-pipelines user permissions to write to master. It should be allowed to push commits and tags. But, it's not possible to select the bitbucket-pipelines user in the Write access dropdown under Settings|Workflow|Branch Permissions even though the user exists and can write if I give Everybody permissions.
* e2e40b8 (HEAD -> master, tag: v0.1.2, origin/master, origin/HEAD) v0.1.2 bitbucket-pipelines, 9 minutes ago
* 66fc994 Merged in STOR-314-demo-branch (pull request #29) Anders Janmyr, 75 minutes ago
| * ea873c7 STOR-
How can I give permissions to the bitbucket-pipelines user while denying everyone else?
I seem to be having the same issue that Anders described. Merges to master were successfully committing version # updates as part of the repository bitbucket-pipeline. I restricted write access about a week ago, and now the automagic commits are rejected. I didn't change any other build settings or scripts in between, just the branch permissions.
I would like
As far as I have been able to find, I can only have one or the other of these; currently I cannot get both. It seemed logical to me (and apparently also to Anders) to simply grant write access to the user 'bitbucket-pipelines' in order to achieve desired item #2 above. But this user doesn't appear in the selection auto-fill and isn't allowed to be manually edited, so I'm stuck.
I have the exact same problem. I am looking for a precise solution for how to achieve this:
This sounds like a common pattern. Atlassian, please give us a solution for this.
The steps for allowing to push back commit from pipeline is well documented here.
If you do setup Branch permissions on master or any branch and want to push back changes via pipeline, then you will need to setup using OAuth/ SSH Keys as described in the second half of the article.
Have tried this to verify it works :)
I have tried it, and it only works if you enable write permissions to the branch from an account and then setup the remote in the pipelines using that account oauth/keys.
What all these users above (including me) want is to not make a "bot" account or grant any user write permissions, and still have a way to write from bitbucket pipelines.
Tried the recommended Oauth2 solution. Was able to get the auth token, and set the git url. However subsequently pushing still did not go through.
remote: Permission denied to update branch master.
! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'https://x-token-auth:email@example.com/myname/myrepo'
@Rajat Goyal any idea what is wrong.
Discovered the Oauth token has an associated user whose name is $BITBUCKET_REPO_OWNER. The Bitbucket API can be used to get the current user name in the pipeline. The API can also be used to give this user write access on any branch, i.e. master. If so, the pipeline can manage the permissions of this user and thereby allow permit the push back to repo on master. It would be nice if this user was available for selection in the Edit Branch Permissions Modal.
Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...