I am writing a bash script which will take a backup of my all bitbucket cloud repositories.
I have multiple private repositories in bitbucket and I want to list them using Bitbucket API 2.0
I have tried adding Bitbucket consumer but I am stuck at how to create an access token and used in curl command which gives me a list of all private repositories
Can someone please let me know about Auth generation in Bitbucket and How to generate an access token and pass it to bitbucket API?
Related
I have a private bitbucket repo pipeline and I want to use it to update some files on another bitbucket cloud gitops private repo, and I'm wondering whether there is a way to set credentials on the gitops repo without creating or using a user email, like setting a password or ssh keys in the gitops repo and use that in the pipeline to be able to push.
Any help would be appreciated.
I am using AWS CodeBuild and CodePipeline service to implement CI/CD in my project.
AWS CodeBuild using Bitbucket I am getting all repository of my Bitbucket account.
While Creating CodePipeLine and connect with my BitBucket, I can't get all repository of my BitBucket account.
I have admin access to BitBucket.
AWS CodeStar injected successfully in Bitbucket
So is there any extra setting need in the BitBucket account for implement AWS Codepipeline?
CodePipeline uses a Bitbucket App installed on your Bitbucket account to access repositories. Currently Bitbucket only allows Apps to access repositories on the same account that the App was installed on.1 I’ve passed this feedback onto the CodePipeline team who is partnering with Atlassian on this integration.
For now you can try this workaround:
Select the connection
Type the name of the Repo as <account>/<repository-name> in the "Repository name" field
Select the branch
CodePipeline connection should be able to retrieve the repo when you run the pipeline.
References
1: Bitbucket connections only provide access to repositories owned by the Bitbucket account that was used to create the connection.
Currently, Bitbucket only allows Apps to access repositories on the same account.
You can create a webhook from Bitbucket to GitHub and connect the correct Github repo to CodePipeline.
https://poeditor.com/blog/webhooks-solution-automate-sync-poeditor-github-bitbucket-repos/#:~:text=To%20add%20a%20webhook%20to,URL%20in%20the%20empty%20field.
We were able to get acces to the repositories in another workspace by giving, to our bitbucket service account, workspace administration rights.
We added it to a group that has the right to
Permission needed for account
For sure, you need a bitbucket administrator doing that for you.
Having done that, we can create a codestart connexion that access the repository in another workspace.
I am using the Azure Devops CLI on one of my pipelines. In order to use the CLI I need first login (authenticate). Unlike using the REST API, I can't use the OAuth token that is available to me.
So here's my understanding of my options:
I can do an "az login" using a PAT that I map to this environment variable:
AZURE_DEVOPS_EXT_PAT
THIS IS THE WAY I'm doing it now.
Apparently you can use a Service Principal. I like this the most because I should theoretically be able to have this principal apply to everyone on my team. Is that correct?
Use "az login" with a user/password. This is least desirable way to doing it because it involves passing around credentials. Too messy.
Although my pipeline has the OAuth token expost (System.AccessToken), it cannot be use by the CLI. For example is I try to assign the value of the OAuth token to the AZURE_DEVOPS_EXT_PAT it fails (AZURE_DEVOPS_EXT_PAT=$System.AccessToken).
Questions:
Is it possible to use the OAuth token to log in to the CLI?
Is the Service Principal the best way to go?
Additional Info:
I do not have subscriptions only a tenant-id, we're not creating any Azure resources, we're an AWS shop that happens to be using ADO only for CICD.
Use az devops login instead of az login
From your pipeline use:
- script: echo $(AccessToken) | az devops login
env:
AccessToken: $(System.AccessToken)
Few interesting notes:
Secrets (like System.AccessToken) are available to scripts unless you pass them in explicitly as environment variables
the System.AccessToken variable is the default access token of the build agent
there is a project-specific build agent and a project-collection build agent. The one you use is actually controlled by the 'limit access to current project scope' flag in the Pipeline settings for the project.
you may need to elevate permissions for the build agent if you're trying to manipulate objects. For example, you could grant the Create Tag permission on a repository if you wanted the build agent to update the repository.
you can also create your own PAT token with permissions that you specify.
I've got a webhook setup in GitLab to detect whenever changes are pushed to the project repo. This works as needed, however the URL in use contains my Jenkins credentials and I'd like to make this more secure. e.g.:
https://username:password#jenkins.url.com/project/git-project
Is there a way to generate a token of sorts in Jenkins instead of providing my username and password?
There are access tokens in GitLab, you can use it. From Jenkins part, you can install GitLab plugin and then add new credentials for SSH and GitLab API Token. Please see this and this for more details.
I am trying to install the BitBucket Status Notifier Plugin and as part of its documentation it is mentioning to create OAuth Consumer.
However I am not able to find the option in any setting, even if I am a super admin.
I am using hosted BitBucket v 4.7.1.
Any help?
It works only with BitBucket Cloud only. Look at the wiki page that you mentioned BitBucket Status Notifier Plugin
This plugin aims at the Atlassian-hosted BitBucket Cloud solution, not
BitBucket Server (formerly known as Stash).