I'm having a team in BitBucket which has around 200+ members & 500 repositories. I wanted do some auditing of all repos & using BitBucket API for most of my work. I came across a requirement where I need to find out Admin members of each repos ( even one repo at a time will do), I read documentation but didn't find anything useful.
Can someone could guide me on this.
Thanks,
Meghanand
There's this rest api defined to get the users of a repository with their permissions in the below link for BitBucket stash.
/rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/permissions/users.
May be this can be extended to BitBucket Cloud.
https://docs.atlassian.com/DAC/rest/stash/3.11.3/stash-rest.html#idp494288
Related
Is this correct that Jira is installed on one's server or local computer and that's the only way to run it?
If not, how can I run, or connect to, Jira on Atlassian's server?
Namely, at this point I don't want to install anything on my VPS or computer, and instead I want to be able to run Jira in the cloud, the same way I'd sigu up for and then use bitbucket or github. That is, by creating an account. I need Jira for a couple of days only, to test some REST API.
Where does one sign up for Jira? There's no way, is there?
At the current time Atlassian provides a free plan for its Jira cloud service.
See here: https://www.atlassian.com/software/jira/pricing
We have Jenkins setup in our organisation with two organisational folders which basically does builds for repo's from two different github organizations.
We use Keycloak to authenticate to Jenkins. (Not sure if that's relevant or not) and we authenticate using openid connect with Keycloak.
I would like to know if it is possible to restrict access for a certain group of users to only be able to view builds on one of the github organizations. So for example if we have two github organizations: mrrobot_org and evilcorp_org, then I would like to be able to make an evilcorp_org_devs_group and add users to that group which would then restrict those developers from only accesing builds from the evilcorp_org github organization.
Someone told me this might be possible to do from Keycloak, but it does not seem likely.
I've tried quite a few things already but from what I've read the best option seems to use this plugin
https://plugins.jenkins.io/role-strategy/
and match the organzation using a regex to match a folder:"Folders can be matched using expressions like
^foo/bar.*".
Any other suggestions how I could do this?
Thanks so much.
For anyone reading this. I ended up using the Folder auth plugin for Jenkins.
I ended up sticking to Keycloak for Authentication, but used the folder auth plugin for Authorization.
So this allows me to restrict access per Jenkins folder. Each folder containing the builds of a given github organization.
The plugin is pretty easy to use. You can check it out here:
https://github.com/jenkinsci/folder-auth-plugin
The docs are here:
https://github.com/jenkinsci/folder-auth-plugin/blob/master/docs/usage.md
What's the difference between hooks and webhooks in BitBucket? I've read the documentation for both but I can't seem to understand when you would use one over the other.
Edit: Documentation that I read.
https://confluence.atlassian.com/bitbucket/manage-webhooks-735643732.html
https://confluence.atlassian.com/bitbucketserver/using-repository-hooks-776639836.html
As ben5556 mentioned, you're comparing Bitbucket Cloud documentation to Bitbucket Server documentation. There's another important distinction here, though: the Bitbucket Server docs you linked refer to git hooks, which are a native part of Git, and the Bitbucket Cloud docs refer to webhooks, which are an HTTP-based callback mechanism. (In the interest of full disclosure, Bitbucket Server can send webhooks as well: https://confluence.atlassian.com/bitbucketserver/managing-webhooks-in-bitbucket-server-938025878.html)
You can't currently control git hooks on Bitbucket Cloud, but on Bitbucket Server (where you'd only break your own stuff) you can use those to control different parts of the git workflow. For example, on BB Server, you can use a pre-receive hook to reject pushes if some commits don't have a ticket number in the commit message, or you can use a post-receive hook to notify your (human) users about upcoming maintenance.
Webhooks are typically used more as a notification method - you can have Bitbucket notify Slack about pull request merges, for example, or have Bitbucket notify your CI/CD system that there are new commits to test.
Both are same from what I understand. One refers to Bitbucket server while the other refers to Bitbucket cloud but in essence their purpose is same.
I'm unable to find database query for total lines of code in all the bitbucket projects.
Does anyone know database query or REST API to get the total lines of code in all the bitbucket projects?
Thanks in advance.
There is no way to do this via the REST API as it's not information that either Bitbucket Server nor Bitbucket Cloud tracks currently.
I'm (really) curious though, why would this information be in any way useful?
I don't see an obvious way through the web gui, there's running a script like this on your local copy of the repository as an option.
https://github.com/AlDanial/cloc
Questions:
If I have a user group related to clients added to a repository with read access, would they be able to clone the repository on their local system?
If yes, what measures should I take to keep a group or user restricted to issue tracker only and not the code, means they should be able to create,update and close the issues but they should not be able to clone the repository, is there any way to do it, as I do not want the client to have access to the code until he has paid for the whole project.
Bitbucket's permissions do not support what you want to do.
Users with read access can clone the repository:
View, clone, and fork the repository code. All public repositories grant all Bitbucket Cloud users read permissions automatically. Read access on a repository also allows users to create issues, comment on issues, and edit wiki pages.
There is no configuration that permits users to create and freely browse issues while restricting read access to the repository. The most likely setting would be private repository / public issue tracker, but in this case access to the issue tracker for users without repository access is restricted:
Only users who have access to the private repository can create an issue. Other Bitbucket users and any Internet browser can view the issue tracker if you publish the URL.
There may be other services that support your requirements.