I've enabled two factor authentication for my bitbucket account.
Now Atlassian Sourcetree app on Osx doesn't works, it is unable to login on bitbucket.
How i can configure SourceTree to use bitbucket two factor auth?
Skip the initial login and from bitbucket.org, click the down arrow next to the repo name (to the left of the ssh/https link) and click 'clone to source tree' and it will work fine assuming you have your ssh keys setup already.
This worked fine for me when I just installed it and ran into the same issue of not allowing me to login initially.
-- update June 2016 --
Bitbucket now allows you to add an app password for specific apps like source tree. It is found under bitbucket settings > access management > app passwords. Once I created one and added the password to my source tree settings then I was able to successfully connect and reconnect to bitbucket to push and pull updates and create new repos.
Madness. Sourcetree supports Github MFA, but not BitBucket :(
Update
#markyk comments that:
The task with Atlassian is "Closed" with no intention of adding support. There is a comment to "user application passwords" as a work around, which is not ideal.
Original issue (closed)
bitbucket/two-step-verification-777023203.html#Two-stepverification-ConfirmapplicationsuseSSH
Workaround
In practice, this means creating the repo on the bitbucket website, then clicking 'I have an existing project' and copy pasting the revealed git commands into the terminal, like:
cd /path/to/my/repo
git remote add origin git#bitbucket.org:username/repo.git
git push -u origin --all # pushes up the repo and its refs for the first time
git push -u origin --tags # pushes up any tags
Then (after a refresh) Sourcetree will display your new remote.
There's a known bug around SourceTree and 2FA: https://confluence.atlassian.com/bitbucket/two-step-verification-777023203.html#Two-stepverification-Troubleshootingtwo-stepverification
For future reference, the ones who have configured their accounts to use OAuth and ssh to log in, but still run into the "There was an error authenticating the request. The account is configured to use Basic Auth with HTTPS but may have 2FA enabled on the server. Please edit your account to use OAuth."
Go to the main view of Sourcetree (I.E. where you add repositories). Right click your repository and select "Convert to OAuth".
SourceTree for Windows 1.10.x and SourceTree for Mac 2.4.x both now support using OAuth over HTTPS for REST api interactions and Git/Hg calls.
In both cases this means its possible to turn 2FA on Bitbucket but continue to use HTTPS rather than SSH for the Git/Hg remote urls.
Related
I have a couple of Jobs that pull code from bitbucket and build it in jenkins.
I'm using Git plugin to specify the repository URL + the git credentials.
Even though I set the credentials in each Job configuration, each time there is a push to bitbucket(that triggers the jenkins job), Mac is asking for "git-credential-osxkeychain wants to user the "login" keychain".
If I enter the password, the job will run and it will not ask again for a couple of hours.
I would like to make it permanent so that message won't be prompted any more.
Any advice ? thank you.
First, that only happens if you are using https URLs, as part of a git credential helper.
Using SSH URLs would bypass that entirely.
If the actual error message is
git-credential-osxkeychain wants to use your confidential information stored in "xxx" in your keychain.
Check out "unable to click always allow on git-credential-osxkeychain popup": delete the bitbucket entry, and do a git ls-remote /url/bitbucket/repo to force the credential helper to ask those credentials again: enter them, then try your Jenkins jobs again.
I'd like to configure bitbutcket to trigger a jenkins build.
I've spent some time researching this and all the answers are from a few years ago, and have not found any guides because things seem to have changed since.
What I'm trying to do:
A bitbucket push to a particular branch triggers a build.
What I've got:
Bitbucket web hooks which fires HTTP request to Jenkins on a push to any branch. I've also installed the Bitbucket plugin on Jenkins which adds a check box in the job config Build when a change is pushed to BitBucket. This checkbox doesnt seem to work (maybe I set it up wrong? minimal docs for this), despite me pushing to the configured branch in the SCM section.
Problem 1: Bitbucket does not fire a GET, but another request which causes a 403. I tested with postman, and it works with a GET, but not a POST.
Problem 2: This HTTP build request is fired on pushes to any branch. While the build is still restricted to a particular branch, it seems unnecessary to be rebuilding all the time.
How do i address these issues? Bitbucket does not seem to be very flexible in customizing this. The Jenkins plugin for bitbucket has a lot of 'bad' reviews. How are developers currently doing this?
SPECIFIC solution for Jenkins CI server--Webhook to Jenkins for Bitbucket plugin has been commercialized in latest version of Bit-Bucket and the current price is around $4800 which was earlier a free offering, because of this, guys who want to save their bucks, can go to the alternative solution by using webhooks feature of bit-bucket:-
Steps to create a webhook:-
BitBucket Side
1) Go to your bitbucket repo, click on Repository Setting, under WORKFLOW got for WEBHOOKS option and create a webhook.
a) creation of webhook:- URL https://JenkinsserverURL/git/notifyCommit?url=https://bitbucket.repository-link/repository.git
b) In the name tab, give any name of your choice
c) click on TEST CONNECTION before saving it. Make sure you get http status 200
d) View details your logs, check your request and response is correct.
Things to take care of from
Jenkins Side:-
1) Make sure repository mentioned in bitbucket webhook is used in Jenkins job.
2) In SCM option, activate/select Poll SCM option, don't mention anything in the schedule, leave it blank.
3) configure rest job,
Whenever your git repo observes any change an automatic build will get triggered in Jenkins. By default push trigger is activated and if you want to activate other action, please select those events while creating webhook.
***to specify the branch in repository webhook:-
http://yourserver/git/notifyCommit?url=<URL of the Git repository>[&branches=branch1[,branch2]*][&sha1=<commit ID>]
Cheers,
Is your Jenkins URL accessible from your bitbucket server? If yes that it should be fairly simple to do it. You add the webhook in your repository as http://<url-of-jenkins>/git/notifyCommit?url=<url-of-repository>. When jenkins receives this POST, it automatically triggers builds on those jobs that use this git repo with that URL you give in webhook.
But you also need to make sure your Build Schedule is set to empty for those jobs. otherwise it wont get triggered. You can specify a branch in webhook URL too
See the Push Notification from repository here
https://wiki.jenkins.io/display/JENKINS/Git+Plugin
For anyone here after July 2022, here are the simple steps I followed to make it work.
Create a live Jenkins URL
First, create a tunnel from a live URL to your local Jenkins URL using ngrok because using locahost:8080 directly as your webhook URL on bitbucket will simply not work as bitbucket does not recognize your local computer.
ps: ngrok claims to be the fastest way to put anything on the internet and I agree,
you can use it beyond Jenkins once you know the trick,
such as quickly handling out your localhost react app for testing by your friends
out of your local network
To do this is simple. For Linux:
Install ngrok snap install ngrok
Add authtoken ngrok config add-authtoken <token>
Don't have an auth token, sign up
Start a tunnel on your Jenkins port eg ngrok http 8080
To know more and for other OS, check ngrok download page
You will then get a response like
ngrok (Ctrl+C to quit)
Hello World! https://ngrok.com/next-generation
Session Status online
Account <your email>#<domain>.com (Plan: <plan type>)
Version 3.0.6
Region Europe (eu)
Latency 162ms
Web Interface <web interface url>
Forwarding https://<your-assigned-host>.ngrok.io -> http://localhost:8080
Basically, the web interface URL on click gives you a web interface to inspect all the requests being tunnelled from your ngrok live URL to your local host.
Forwarding URL is basically a proxy to your localhost, so when you want to configure webhook, instead of using locahost:8080, you replace it with ngrok URL eg https://syue-162-34-12-01.eu.ngrok.io and all requests get tunnelled to localhost:8080
Hook up the URL on bitbucket cloud
Secondly, configure your Bitbucket repository with a Webhook, using URL JENKINS_URL/bitbucket-hook/ (no need for credentials but do remember the trailing slash) eg https://syue-162-34-12-01.eu.ngrok.io/bitbucket-hook/
If you are using bitbucket server and not cloud or you want to know more, the bitbucket plugin documentation for Jenkins is pretty straightforward and easily understandable, see bitbucket plugin
then you can inspect all your webhook requests on the web interface URL or via your terminal as well as check your build logs on Jenkins via your localhost port or ngrok live url.
Disclaimer: I have not figured out how to enable build only when a specific branch change but you can configure jenkins to only build a specific branch or any branch created as your need may demand, check Source Code Management and Build Triggers
I setup an organisation on github a while (maybe a week) ago, and I am yet to see it appear on travis-ci. The organisation is mr-php (https://travis-ci.org/profile/mr-php / https://github.com/mr-php).
Do I have to do something to make it appear, or if this length of wait usual?
It was to do with organisation permissions. I had to go to GitHub and into the Travis-CI app settings then give it permission to access the organisation.
Please login into Github and then sign into Travis CI.
Give Travis permissiona to access the organisation.
And on your profile page https://travis-ci.org/profile/mr-php
use the "sync" button to synchronize your repos.
If no repos are found, file a bug.
If repos are found: flick the switch to turn Travis on for your repo.
You might also trigger your first build with a git push.
Or go back to your repo on Github and into Settings, then Webhooks & Services.
Click the "Travis CI" link, enter PW again and trigger a manual build, to test the service.
I've just setup Jenkins and i have some Repositories in my Stash.
I installed the "Git plugin" in jenkins.
I can now enter the repository url but there is nothing to enter my credentials.
It's possible using
http://username:password#mydomain/xx/yy.git
but that is something i dont want to do.
What else can i do to authenticate?
I am the author of this stash plugin that might help you: https://github.com/palantir/stashbot
Taking selectively from the readme:
To work with Jenkins, you MUST install the following jenkins plugins first.
Jenkins GIT plugin
Post build task
Next, build and install the plugin using the plugin SDK (more details in the readme)
Next, the stash admin goes into the Stashbot Admin page and creates a jenkins server config - here you give it the URL, username/password, etc details of the jenkins server.
Next, for each repository a "Stashbot CI Admin" link shows up for repo admins. From there you can check the "enabled" checkbox and tell it what branches you want build (via a regex) and what command it should run to do the build (optionally verifies and publishes).
After this point, the remainder is completely self-service. Any repo admin can ask for their project to "have CI" by filling out that form, and the jobs will automatically be created in the jenkins server.
Hope that helps.
Set up an SSH key for the user that runs your Jenkins builds and add it to the repository's SSH keys in Stash. See the Stash docs for instructions.
Two things to add to Gareth's answer.
While I agree that using SSH keys are definitely better than hard-coding the username/password, it's worth mentioning that Stash (currently) scales better with HTTP when it comes to CI. If you have quite a few builds we generally recommend using HTTP. We are currently extending our Git cache support to support SSH so this no longer an issue.
Somewhat related, you might be interested in watching and voting for the following feature which will make it easier to create CI specific keys.
Lastly having build icons show up in Stash is surprisingly handy, and you should have a look at the following plugin if you haven't already:
https://github.com/jenkinsci/stashNotifier-plugin
Since version 2.0 of "Git Plugin" for jenkins you should be able to directly add the required credentials for both ssh and username/password (based on credentials plugin).
See changelog of Git plugin: https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin#GitPlugin-Changelog for details.
For further integration of git and stash regarding pull requests you additionally need the "Stash Webhook for jenkins" add-on in stash and the "Stash Notifier" plugin for jenkins to connect each other.
I am trying to learn github to deploy a webpage. Here are the steps I am taking:
git checkout master
git pull origin master
git checkout –b my-awesome-branch
Do some work, do a git status to check on everything, everything is ok.
git add .
git commit –m "awesome message here"
git push origin my-awesome-branch
git checkout integration
git merge my-awesome-branch
git push origin integration
cap development deploy
this will push a file to the dev server we have so people can look at it - this worked fine for me you won't be able to see the link but it generates something like this:
http://dev.mywebsite.com/events/email/welcome
Let's go live (pretending there are no further changes)
git checkout master
git merge my-awesome-branch
git push origin master
cap production deploy
In theory, the file should push to the live website (which would be http://mywebsite.com/events/email/welcome) but that webpage is not created when i cap production deploy.
Another developer more familiar with this system says :
It looks like you forked "my party events" repo and have pushed the
master there. You'll want to push master to the upstream remote (the
main "my party events", or my_events repo.)
I don't follow this step. Can anyone follow this logic? If so, do you have a suggestion for me on what i may be doing wrong? Any help is appreciated.
If you have a forked branch on Github, that means you have a copy of the entire git repo under your name. Check your Github account to verify this.
To do this, go to https://github.com/your-github-user-name-here. On the left side, look for "my-party-events" (assuming that's the repo name). Underneath it, look for "forked from xyz/my-party-events".
If you don't see 'forked from ...', then you're the original owner of that repo. This shouldn't be the case.
If you do see 'forked from ...', then you have a copy under your name (that's what a fork is). Any changes you make to a fork don't affect the original repo.
If you're with me up to here, there's 2 ways you can go.
Via Git (Recommended)
Whenever you did a git pull or git push earlier, you were specifying origin, which is a human-readable name for a repo that you set up earlier. The repo address actually looks like this
git#github.com:your-user-name/project-name.git
As you can see, referring to it by a nickname like 'origin' is way easier to remember.
Assuming you have write access to the main project repo, you can just add another repo to your config. Make sure you have write access before attempting this, otherwise you're just wasting your time. Ask your coworker if you're not sure.
Lets say you wanted to nickname the repo as 'production', you would do this
git remote add production git#github.com:PROJECT_OWNER/project-name.git
The git repo address looks almost identical to your fork repo. It differs only by username. On the front page of all Github projects, the repo address is in a text field. It's next to the "SSH | HTTPS | Git Read-only" buttons. Get the address from there, replace it in the command above, and finally, do this in your command line
git push production master
From now on, you can just git push production master, which is pretty simple. If you don't have write access, then you'll have to submit changes via pull requests.
Through the Website
You can submit a pull request to the repo you forked from. A pull request asks the original repo admin to include changes you've made on your fork.
To submit a pull request, click on your project fork from your projects page. Look for the 'Pull Request' icon near the top right. That should take you to a page where you can choose the target and source branches.