You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I have a build pipeline to build my source then it should trigger a further pipeline of an other repository with branch permissions.
The result is all the time "Permission denied".
What I've done:
I use "bitbucket.org/atlassian/trigger-pipeline.git" to trigger the further pipeline, which works like a charm. Now I try to write/push into this further git repository via bash script. To restrict the rights I activate the "Branch permissions" in the further pipeline. To myself, Administrators and DevOps (I'm Administrator). When I try to push, the result is always "Permission Denied". I change the git user by hand (git config user.name "myself"... also user --author "myself <email>"), create a new AOuth consumer in my workspace settings with all settings active. With this AOuth I get a new token and add this by git remote set-url origin http://x-token-auth:<token>@bitbucket.org... I can do git pull, git commit but I can't push to my repository.
When I remove the "Branch permissions" in my further repository, I can make a git push and it works as expected.
So one simple question, for what should such "Branch permissions" be good if they don't work as expected? It is absolutely not clear.
At the moment, it is not possible to expose the Bitbucket Pipelines user in branch permissions, to allow pushes from Pipelines when the repo has branch permissions.
We have a feature request about this in our issue tracker:
Is your Bitbucket account added with Write access in the branch permissions of the branch you want to push to?
If so, you can do the following:
1. Create an OAuth consumer for your personal workspace instead of the workspace that owns the repo.
Your personal workspace can be found here https://bitbucket.org/account/workspaces/, it should have the same id as your username
2. Use the key and secret of that consumer to generate an access token.
We have an example repo on how to do this here: https://bitbucket.org/bitbucketpipelines/git-auth-oauth/src/master/bitbucket-pipelines.yml
You should then be able to push (as long as your Bitbucket account has Write access in the branch permission).
Is this something that works for you?
Please note that changing the user.name and author.email in the .git/config of the repo doesn't affect authentication, these values are only used for the author name and email in the commit data.
Please feel free to let me know if you have any questions.