Setting up a pipeline in BitBucket


I'm having trouble setting up a pipeline in Bitbucket to connect my repository to DeBricked, which is an online code scanning service. Here is the YAML file which describes the integration:

image: atlassian/default-image:3

pipelines:
  default:
    - parallel:
      - step:
          name: 'DeBricked Integration'
          script:
            - git config --global --add safe.directory /opt/atlassian/pipelines/agent/build
            - pipe: debricked/debricked-scan:3.0.0
              variables:
                DEBRICKED_TOKEN: $DEBRICKED_TOKEN
                # BASE_DIRECTORY: "<string>" # Optional
                # DEBRICKED_EXCLUSIONS: "<string>" # Optional

As you can see, I have added in the statement:

    - git config --global --add safe.directory /opt/atlassian/pipelines/agent/build

(The documentation and tips I've seen elsewhere present that statement without the - prefix; however, I fiddled around with the syntax and found that the only way to get that to be valid is by inserting the - prefix.)

However, I'm still getting the fatal error:

fatal: detected dubious ownership in repository at '/opt/atlassian/pipelines/agent/build'

(I've seen other articles which propose that adding that corrective statement should fix the problem. However, this is not working for me.)

The output from the execution of the pipeline indicates that the statement is executing; it shows that it took under 1 second to execute:

However, it doesn't stop the error from occurring. The error message includes a diagnostic stating that if I add that command into my script, it will prevent the error; however, I can't get it to work as advertised.

Status: Downloaded newer image for debricked/debricked-scan:3.0.0
fatal: detected dubious ownership in repository at '/opt/atlassian/pipelines/agent/build'
To add an exception for this directory, call:
    git config --global --add safe.directory /opt/atlassian/pipelines/agent/build

Here is the complete execution output from the pipe step.

+ docker container run \
   --volume=/opt/atlassian/pipelines/agent/build:/opt/atlassian/pipelines/agent/build \
   --volume=/opt/atlassian/pipelines/agent/ssh:/opt/atlassian/pipelines/agent/ssh:ro \
   --volume=/usr/local/bin/docker:/usr/local/bin/docker:ro \
   --volume=/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes:/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes \
   --volume=/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/debricked/debricked-scan:/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/debricked/debricked-scan \
   --workdir=$(pwd) \
   --label=org.bitbucket.pipelines.system=true \
   --env=BITBUCKET_STEP_TRIGGERER_UUID="$BITBUCKET_STEP_TRIGGERER_UUID" \
   --env=BITBUCKET_REPO_FULL_NAME="$BITBUCKET_REPO_FULL_NAME" \
   --env=BITBUCKET_GIT_HTTP_ORIGIN="$BITBUCKET_GIT_HTTP_ORIGIN" \
   --env=BITBUCKET_PROJECT_UUID="$BITBUCKET_PROJECT_UUID" \
   --env=BITBUCKET_REPO_IS_PRIVATE="$BITBUCKET_REPO_IS_PRIVATE" \
   --env=BITBUCKET_WORKSPACE="$BITBUCKET_WORKSPACE" \
   --env=BITBUCKET_SSH_KEY_FILE="$BITBUCKET_SSH_KEY_FILE" \
   --env=BITBUCKET_REPO_OWNER_UUID="$BITBUCKET_REPO_OWNER_UUID" \
   --env=BITBUCKET_BRANCH="$BITBUCKET_BRANCH" \
   --env=BITBUCKET_REPO_UUID="$BITBUCKET_REPO_UUID" \
   --env=BITBUCKET_PROJECT_KEY="$BITBUCKET_PROJECT_KEY" \
   --env=BITBUCKET_PARALLEL_STEP_COUNT="$BITBUCKET_PARALLEL_STEP_COUNT" \
   --env=BITBUCKET_REPO_SLUG="$BITBUCKET_REPO_SLUG" \
   --env=CI="$CI" \
   --env=BITBUCKET_REPO_OWNER="$BITBUCKET_REPO_OWNER" \
   --env=BITBUCKET_PARALLEL_STEP="$BITBUCKET_PARALLEL_STEP" \
   --env=BITBUCKET_STEP_RUN_NUMBER="$BITBUCKET_STEP_RUN_NUMBER" \
   --env=BITBUCKET_BUILD_NUMBER="$BITBUCKET_BUILD_NUMBER" \
   --env=BITBUCKET_GIT_SSH_ORIGIN="$BITBUCKET_GIT_SSH_ORIGIN" \
   --env=BITBUCKET_PIPELINE_UUID="$BITBUCKET_PIPELINE_UUID" \
   --env=BITBUCKET_COMMIT="$BITBUCKET_COMMIT" \
   --env=BITBUCKET_CLONE_DIR="$BITBUCKET_CLONE_DIR" \
   --env=PIPELINES_JWT_TOKEN="$PIPELINES_JWT_TOKEN" \
   --env=BITBUCKET_STEP_UUID="$BITBUCKET_STEP_UUID" \
   --env=BITBUCKET_DOCKER_HOST_INTERNAL="$BITBUCKET_DOCKER_HOST_INTERNAL" \
   --env=DOCKER_HOST="tcp://host.docker.internal:2375" \
   --env=BITBUCKET_PIPE_SHARED_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes" \
   --env=BITBUCKET_PIPE_STORAGE_DIR="/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/debricked/debricked-scan" \
   --env=DEBRICKED_TOKEN="$DEBRICKED_TOKEN" \
   --add-host="host.docker.internal:$BITBUCKET_DOCKER_HOST_INTERNAL" \
   debricked/debricked-scan:3.0.0
Unable to find image 'debricked/debricked-scan:3.0.0' locally
3.0.0: Pulling from debricked/debricked-scan
7264a8db6415: Pulling fs layer
8928de6d3c14: Pulling fs layer
4f4fb700ef54: Pulling fs layer
2b7ef838e455: Pulling fs layer
e173fea3cade: Pulling fs layer
fc7af08a16d5: Pulling fs layer
7fee9dc293a1: Pulling fs layer
c4f131ca463e: Pulling fs layer
ae3bb37734a1: Pulling fs layer
1d9fdbb6c760: Pulling fs layer
fc7af08a16d5: Waiting
7fee9dc293a1: Waiting
c4f131ca463e: Waiting
ae3bb37734a1: Waiting
2b7ef838e455: Waiting
e173fea3cade: Waiting
1d9fdbb6c760: Waiting
7264a8db6415: Download complete
4f4fb700ef54: Download complete
7264a8db6415: Pull complete
8928de6d3c14: Verifying Checksum
8928de6d3c14: Download complete
2b7ef838e455: Verifying Checksum
2b7ef838e455: Download complete
8928de6d3c14: Pull complete
4f4fb700ef54: Pull complete
fc7af08a16d5: Verifying Checksum
fc7af08a16d5: Download complete
2b7ef838e455: Pull complete
c4f131ca463e: Verifying Checksum
c4f131ca463e: Download complete
ae3bb37734a1: Download complete
1d9fdbb6c760: Verifying Checksum
1d9fdbb6c760: Download complete
7fee9dc293a1: Download complete
e173fea3cade: Verifying Checksum
e173fea3cade: Download complete
e173fea3cade: Pull complete
fc7af08a16d5: Pull complete
7fee9dc293a1: Pull complete
c4f131ca463e: Pull complete
ae3bb37734a1: Pull complete
1d9fdbb6c760: Pull complete
Digest: sha256:604965fecd783c47bb88386c********62a4d5ef6933175be616d978ba4a68e3
Status: Downloaded newer image for debricked/debricked-scan:3.0.0
fatal: detected dubious ownership in repository at '/opt/atlassian/pipelines/agent/build'
To add an exception for this directory, call:
    git config --global --add safe.directory /opt/atlassian/pipelines/agent/build
Integration: bitbucket
Working directory: /opt/atlassian/pipelines/agent/build

Solution

  • So here's the answer. Ultimately, the main problem here is poor documentation on the part of the vendor.

    DeBricked hosts a sample of this pipeline within a public Bitbucket account. I can't execute the pipeline of course, but I can view the log results.

    https://bitbucket.org/debricked/example-use-of-debricked-pipe/pipelines/results/21

    Lo and behold, the same "fatal" error (not so fatal, evidently) is issued, yet the script continues to execute and the results are as expected upon completion!

    Ultimately, there is no problem here. So, if you receive this exception with this particular integration, simply allow the script to continue; despite the exception, you should see the expected results.

    Since posting this, I have been in contact with the vendor - deBricked. They now have a new pipe, v3.0.1, which does not emit the fatal error.

    - pipe: debricked/debricked-scan:3.0.1
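
The log in the question shows the scan running through its own `docker container run` of `debricked/debricked-scan:3.0.0`, with no home directory among the mounted volumes, while `git config --global` writes to the home directory of the user in the build container. The following added example (not part of the original post or of the vendor's pipe) reproduces that split with two constructed temporary HOME directories standing in for the two containers; the helper names are hypothetical and the ownership check is a simplification of git's own.

```shell
#!/bin/sh
# Added example: why a step-level safe.directory exception does not reach a pipe.
REPO=/opt/atlassian/pipelines/agent/build   # path taken from the log above

# Run git with HOME pointed at one "container's" home directory.
git_as_home() {
    _home=$1; shift
    ( unset XDG_CONFIG_HOME GIT_CONFIG_GLOBAL
      HOME=$_home; export HOME
      git "$@" )
}

# Succeeds if the global config under HOME=$1 lists $2 (or '*') as safe.
is_trusted() {
    git_as_home "$1" config --global --get-all safe.directory 2>/dev/null |
        grep -Fxq -e "$2" -e '*'
}

# Succeeds if directory $1 is owned by a UID other than the current one.
# Simplified: git applies the same ownership test to the .git directory too.
owner_differs() {
    [ "$(ls -nd "$1" | awk '{print $3}')" != "$(id -u)" ]
}

# Classify a repository directory ($2) for a user whose HOME is $1.
verdict() {
    if ! owner_differs "$2"; then echo "owner-matches"
    elif is_trusted "$1" "$2"; then echo "trusted-by-config"
    else echo "dubious-ownership"; fi
}

STEP_HOME=$(mktemp -d)   # build container's home (constructed)
PIPE_HOME=$(mktemp -d)   # pipe container's home (constructed)

# The command from the pipeline's script section, run in the build container.
git_as_home "$STEP_HOME" config --global --add safe.directory "$REPO"

is_trusted "$STEP_HOME" "$REPO" && echo "build container: exception present"
is_trusted "$PIPE_HOME" "$REPO" || echo "pipe container: exception absent"
```

Inside a real step, `verdict "$HOME" "$BITBUCKET_CLONE_DIR"` reports which of the three cases applies to the user and container it is run in.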