jenkinsci/bitbucket-branch-source-plugin

Support Bitbucket Cloud Project/Workspace Access Tokens

Closed this issue · 3 comments

What feature do you want to see added?

In Bitbucket Cloud I am trying to use Project Access Tokens. It doesn't seem like the plugin supports this or Workspace Access Tokens.

When creating the Project Access Token in Bitbucket Cloud, it shows using the token as a Bearer token for the API calls and using a username of "x-token-auth" with the token as a password for Git operations.

In the Jenkins UI when I add the Bitbucket Branch source to a Multi Branch job:

  • If I set up an App Password for my user and create a Jenkins username/password credential, everything works (username=myuser, password=AppPassword). I can select the repository from the UI list, the branches are discovered, and the builds succeed.

  • If I have a Project Access Token I have tried two ways that both fail:

    • Create a Jenkins username/password credential with username "x-auth-token" and the Project Access Token as the password.
    • Create a Jenkins secret text credential with the Project Access Token as the value.

    In both failure cases in the Jenkins UI the list of repositories is always empty showing
    an error trying to list them in the browser network tab.

Would one of these options be possible to get Project Access Tokens to work?

Option 1
Still use username/password credential but if the username is "x-token-auth" then use the password as a Bearer token in the API calls and use the username/password for the Git authentication.

Option 2
If the credential is a string credential (Secret Text), instead of a username/password credential, then use the string as the Bearer token for the API calls. For Git authentication set the username to "x-token-auth" and use the token as the password.

A potential issue is would a Project Access Token be able to get the list of repositories when we enter the workspace name in the Jenkins UI for the owner to query for? A Workspace Access Token may not have this problem (if it is a problem).

Another question is are there any API calls the plugin makes that would not work with a Project Access Token? Our plan would be to not use Workspace Access Tokens but have Project Access Tokens defined for each project and set the correct one in the multi branch or pipeline job.

Upstream changes

No response

Are you interested in contributing this feature?

No response
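
The mapping proposed in Option 1 and Option 2 above, sketched as an added example (not the plugin's code and not part of the original issue). `Credential`, `ResolvedAuth` and `resolve_auth` are hypothetical names, and sending a user/App Password pair to the API as HTTP Basic is an assumption of this sketch.

```python
import base64
from dataclasses import dataclass, field
from typing import Optional

TOKEN_GIT_USER = "x-token-auth"  # Git username the issue quotes for access tokens


@dataclass(frozen=True)
class Credential:
    """Hypothetical stand-in for a Jenkins credential (not a plugin class)."""
    secret: str = field(repr=False)  # App Password or access token, never printed
    username: Optional[str] = None   # None models a Secret Text credential


@dataclass(frozen=True)
class ResolvedAuth:
    api_authorization: str  # value for the HTTP Authorization header
    git_username: str
    git_password: str

    def __repr__(self) -> str:
        # Show only the scheme so the secret stays out of logs and tracebacks.
        scheme = self.api_authorization.split(" ", 1)[0]
        return f"ResolvedAuth(api={scheme} ***, git_username={self.git_username!r})"


def resolve_auth(cred: Credential) -> ResolvedAuth:
    """Pick the API and Git authentication for one stored credential."""
    if not cred.secret:
        raise ValueError("credential has no secret")
    # Option 2 (Secret Text) or Option 1 (username is exactly x-token-auth):
    # treat the secret as an access token, Bearer for the API, fixed Git user.
    if cred.username is None or cred.username == TOKEN_GIT_USER:
        return ResolvedAuth(f"Bearer {cred.secret}", TOKEN_GIT_USER, cred.secret)
    # Any other username: user account plus App Password (assumed HTTP Basic).
    pair = f"{cred.username}:{cred.secret}".encode()
    basic = base64.b64encode(pair).decode()
    return ResolvedAuth(f"Basic {basic}", cred.username, cred.secret)
```

The username comparison is exact, so any other username string is handled as a user account with a password rather than as a token.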

This is a screenshot after creating a cloud project access token. It shows the use of the token in API and Git calls.

[Screenshot: ptoken]

Token support should work starting with release 848.v42c6a_317eda_e.

Note that when you create a new multibranch pipeline / organizational folder, the list will not include "Secret text" credentials due to https://issues.jenkins.io/browse/JENKINS-72023.

My problem was the UI issue in Jenkins. I had created a Secret Text credential with the token but it did not show in the list. My workaround during create is to change the Bitbucket server drop down to another (dummy) entry then change it back to Bitbucket Cloud. This causes the credentials list to show the Secret Text credentials and now it works. I added the Checkout over SSH option for actually pulling the source code.