"Permission denied" when writing to $BITBUCKET_PIPE_STORAGE_DIR

Cap's Old Account
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 17, 2023

Hi folks. I'm facing a problem creating custom pipes that are supposed to share info via pipe storage dir.

Our setup is:

  • We have a common repository for all pipe definitions, let's call it "pipes-repo", where each pipe is represented as a branch.
  • Each pipe is supposed to be able to read info saved in the storage dir by a previous pipe, and write it's own data according to this manual.

Problem: the first pipe successfully writes a file to the storage dir, the next pipe can read it, but cannot write its own file - got "Permission denied" error.

My guess is that's because with this setup the $BITBUCKET_PIPE_STORAGE_DIR clashes with $BITBUCKET_PIPE_SHARED_STORAGE_DIR/<account>/<pipe-name>. The <pipe-name> seems to be equal to repo name and disregards the branch name.

Like, with <account> = "my-company" and <pipe-name> = "pipes-repo":

  • $BITBUCKET_PIPE_STORAGE_DIR = “<…>/generated/pipeline/pipes/my-company/pipes-repo”
  • And also $BITBUCKET_PIPE_SHARED_STORAGE_DIR/<account>/<pipe-name> = “<…>/generated/pipeline/pipes/my-company/pipes-repo”

The bitbucket-pipeline.yaml is super simple and can be boiled down to:

pipelines:
branches:
master:
- step:
name: Do the 1st thing
script:
- pipe: my-company/pipes-repo:my-pipe-1
- step:
name: Do the 2nd thing
script:
- pipe: my-company/pipes-repo:my-pipe-2

I would greatly appreciate any tips! Thanks!

UPDATE: I've actually tried this with the exactly the same pipe, it's the same error.

pipelines:
branches:
master:
- step:
name: Do the 1st thing
script:
- pipe: my-company/pipes-repo:my-pipe-1
- step:
name: Do the 2nd thing
script:
- pipe: my-company/pipes-repo:my-pipe-1

So, basically, when the 1st step runs, the "root" user is the owner of the pipe storage dir (<…>/generated/pipeline/pipes/my-company/pipes-repo).

But when the second step runs, this folder is mounted and "nobody" is the owner. So though it's literally the same pipe, and it should be able to use its own storage folder - it cannot.

I also tried chmod and chown - no luck, "Operation not permitted".

3 answers

1 vote
Norbert Csupka
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 21, 2023

Hi Konstantin,

Thank you for reaching out to Atlassian Community!

I can see that you've already created a ticket within our Atlassian Support Portal where one of my colleague has already been working on this issue.

Thank you for your patience, while we investigate further about this issue

Best Regards,
Norbert

0 votes
Julien HENRY October 3, 2024

Hi folks,

 

We have a similar issue with permissions on the $BITBUCKET_PIPE_STORAGE_DIR directory.

 

In our situation, our Docker image is running with a non-root user. As a result, the pipe is unable to write to the $BITBUCKET_PIPE_STORAGE_DIR directory, even on the first run.

 

I did not find any explicit mention of it, but should we consider that Pipes images must run with the root user when willing to access the $BITBUCKET_PIPE_STORAGE_DIR?

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 8, 2024

Hi Julien,

Please create a new community question via https://community.atlassian.com/t5/forums/postpage/board-id/bitbucket-questions or a support ticket via https://support.atlassian.com/contact/#/ and we will look into this.

Kind regards,
Theodora

Julien HENRY October 8, 2024

Done, thanks.

0 votes
Cap's Old Account
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 29, 2023

UPDATE: So one way the BitBucket team suggested is this: https://confluence.atlassian.com/bbkb/bitbucket-cloud-subsequent-pipe-step-run-fail-with-permission-denied-error-when-performing-write-operation-of-files-artifacts-1282249505.html

 

This is not acceptable for us, so we keep talking and looking for a solution.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events