Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

trigger pipeline with branch permissions from a other pipeline

Lars_langhans
Lars_langhans March 21, 2022

I have a build pipeline to build my source then it should trigger a further pipeline of an other repository with branch permissions.

The result is all the time "Permission denied".

What I've done:

I use "bitbucket.org/atlassian/trigger-pipeline.git" to trigger the further pipeline, which works like a charm. Now I try to write/push into this further git repository via bash script. To restrict the rights I activate the "Branch permissions"  in the further pipeline. To myself, Administrators and DevOps (I'm Administrator). When I try to push, the result is always "Permission Denied". I change the git user by hand (git config user.name "myself"... also user --author "myself <email>"), create a new AOuth consumer in my workspace settings with all settings active. With this AOuth I get a new token and add this by git remote set-url origin http://x-token-auth:<token>@bitbucket.org... I can do git pull, git commit but I can't push to my repository.

When I remove the "Branch permissions" in my further repository, I can make a git push and it works as expected.

So one simple question, for what should such "Branch permissions" be good if they don't work as expected? It is absolutely not clear.

 

Answer
Watch
Like Joe likes this
551 views

1 answer

1 accepted

0 votes
Answer accepted
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 22, 2022

Hi @Lars_langhans,

At the moment, it is not possible to expose the Bitbucket Pipelines user in branch permissions, to allow pushes from Pipelines when the repo has branch permissions.

We have a feature request about this in our issue tracker:

Is your Bitbucket account added with Write access in the branch permissions of the branch you want to push to?

If so, you can do the following:

1. Create an OAuth consumer for your personal workspace instead of the workspace that owns the repo.

Your personal workspace can be found here https://bitbucket.org/account/workspaces/, it should have the same id as your username

2. Use the key and secret of that consumer to generate an access token.

We have an example repo on how to do this here: https://bitbucket.org/bitbucketpipelines/git-auth-oauth/src/master/bitbucket-pipelines.yml

You should then be able to push (as long as your Bitbucket account has Write access in the branch permission).

Is this something that works for you?

Please note that changing the user.name and author.email in the .git/config of the repo doesn't affect authentication, these values are only used for the author name and email in the commit data.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events