Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Bitbucket Cloud Access Tokens over App Passwords #5015

Open
1 task
eightnoneone opened this issue Oct 18, 2024 · 0 comments
Open
1 task

Support Bitbucket Cloud Access Tokens over App Passwords #5015

eightnoneone opened this issue Oct 18, 2024 · 0 comments
Labels
feature New functionality/enhancement provider/bitbucket

Comments

@eightnoneone
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Describe the user story
In late 2022 through Jan 2023, Bitbucket Cloud introduced Access Tokens for Projects, Workspaces, and Repos. These provide access not bound to a specific user account. Atlassian encourages use of Access Tokens over user-bound App Passwords for automation and CI/CD processes.

As an administrator, I would like to configure Atlantis access to Bitbucket Cloud using Access Tokens. Access Tokens are the more appropriate method for authenticating an automation integration. It would also alleviate the need to create a user that incurs Bitbucket licensing cost and fowls external directory integrations with role accounts.

Describe the solution you'd like
Add support to BB Cloud in similar fashion as currently exists for BB Server.

The WriteGitCreds function for GitHub constructs the identical form of x-access-token but is utilized exclusively for GitHub repos.

The BB Cloud Access Token creation process provides a botid for use in git config user.email "{botid}@bots.bitbucket.org". Since the --bitbucket-user is not actually used in the API access, that value could presumably be used to deliver this form of the git user.email.

Describe the drawbacks of your solution
The distinction of two similar token schemes will require clear documentation for implementation admins.

Describe alternatives you've considered
I tried using existing setting to trick Atlantis into treating BB Cloud as though it were BB Server, but this fails due to obvious differences in the APIs.
@eightnoneone eightnoneone added the feature New functionality/enhancement label Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New functionality/enhancement provider/bitbucket
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eightnoneone