-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
1
-
We have used bamboo with Bitbucket for a few years now and all was good, but since we updated from 6.5 to 6.8, java specs don't build because we apparently need to specify the ssh keypair.
Looking at it further, I see that we actually have to specify a bunch of parameters that bamboo should just be able to retrieve on its own.
What we have:
public static BitbucketServerRepository linkedRepository(String projectKey, String project, String repositoryName) { return new BitbucketServerRepository() .name(String.format("%s/%s", project, repositoryName)) .repositoryViewer(new BitbucketServerRepositoryViewer()) .server(new ApplicationLink().name(GIT_APPLICATION_LINK_NAME)) .projectKey(projectKey) .repositorySlug(repositoryName) .sshCloneUrl(String.format("%s/%s/%s", GIT_SSH_BASE, projectKey.toLowerCase(), repositoryName)) .sshPublicKey() .sshPrivateKey() .changeDetection(new VcsChangeDetection()) ; }
What should actually be necessary:
public static BitbucketServerRepository linkedRepository(String projectKey, String project, String repositoryName) { return new BitbucketServerRepository() .name(String.format("%s/%s", project, repositoryName)) .server(new ApplicationLink().name(GIT_APPLICATION_LINK_NAME)) .projectKey(projectKey) .repositorySlug(repositoryName) .changeDetection(new VcsChangeDetection()) ; }
The ssh keypair used to not be required, not sure why we are getting errors now that says it's mandatory since it worked fine and bamboo has all the tools needed to connect to Bitbucket to generate one and stuff. I don't want to have to keep track of ssh key pairs.
com.atlassian.bamboo.specs.api.exceptions.PropertiesValidationException: Repository not imported: ssh keypair must be defined when using repository stored specs java.lang.IllegalArgumentException: com.atlassian.bamboo.specs.api.exceptions.PropertiesValidationException: Repository not imported: ssh keypair must be defined when using repository stored specs at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.lambda$validateAndCreateRepositoryObjects$12(PlanConfigImportServiceImpl.java:858) at com.atlassian.bamboo.variable.CustomVariableContextImpl.withVariableSubstitutor(CustomVariableContextImpl.java:196) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.validateAndCreateRepositoryObjects(PlanConfigImportServiceImpl.java:836) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.lambda$modifyTopLevelPlanFunction$2(PlanConfigImportServiceImpl.java:524) at com.atlassian.bamboo.core.ScopedExclusionServiceImpl.tryWithLock(ScopedExclusionServiceImpl.java:74) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.modifyExistingTopLevelPlan(PlanConfigImportServiceImpl.java:407) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.lambda$importPlan$0(PlanConfigImportServiceImpl.java:372) at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140) at com.atlassian.bamboo.persistence.BambooTransactionHibernateTemplate.execute(BambooTransactionHibernateTemplate.java:28) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.importPlan(PlanConfigImportServiceImpl.java:353) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.importPlanProperties(RepositoryStoredSpecsServiceImpl.java:867) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.importBambooYamlForPlan(RepositoryStoredSpecsServiceImpl.java:838) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.lambda$importBambooYamlsOfAllTypes$5(RepositoryStoredSpecsServiceImpl.java:619) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.importBambooYamlsWithImporter(RepositoryStoredSpecsServiceImpl.java:657) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.importBambooYamlsOfAllTypes(RepositoryStoredSpecsServiceImpl.java:626) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.processSpecs(RepositoryStoredSpecsServiceImpl.java:402) at com.atlassian.bamboo.configuration.external.RepositoryStoredSpecsServiceImpl.runBambooSpecs(RepositoryStoredSpecsServiceImpl.java:284) at com.atlassian.bamboo.configuration.external.RssDetectionServiceImpl.runRssDetection(RssDetectionServiceImpl.java:262) at com.atlassian.bamboo.configuration.external.detection.RssDetectionRunnable.run(RssDetectionRunnable.java:42) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at com.atlassian.bamboo.utils.BambooRunnables$1.run(BambooRunnables.java:48) at com.atlassian.bamboo.security.ImpersonationHelper.runWith(ImpersonationHelper.java:26) at com.atlassian.bamboo.security.ImpersonationHelper.runWithSystemAuthority(ImpersonationHelper.java:17) at com.atlassian.bamboo.security.ImpersonationHelper$1.run(ImpersonationHelper.java:41) at java.lang.Thread.run(Thread.java:748) Caused by: com.atlassian.bamboo.specs.api.exceptions.PropertiesValidationException: Repository not imported: ssh keypair must be defined when using repository stored specs at com.atlassian.bamboo.plugins.stash.v2.exporter.BitbucketServerExporter.importLocationData(BitbucketServerExporter.java:238) at com.atlassian.bamboo.plugins.stash.v2.exporter.BitbucketServerExporter.importLocationData(BitbucketServerExporter.java:70) at com.atlassian.bamboo.configuration.external.exporters.RepositoryExporterImpl.importRepository(RepositoryExporterImpl.java:240) at com.atlassian.bamboo.configuration.external.PlanConfigImportServiceImpl.lambda$validateAndCreateRepositoryObjects$12(PlanConfigImportServiceImpl.java:842) ... 27 more
The ssh clone url can be inferred from the application link and the project key / repository slug.
The repository viewer should really be set by default for bitbucket repositories
[BAM-20397] Java Spec rejects repositories configured with application link without ssh keypair
Stumbled on this too. Cannot understand it either, why ssh credentials have to be provided when using an application link in the BitbucketServerRepository. Storing credentials in a bamboo-spec project in a repository is not a very good idea and a security risk! Hope this gets fixed!
What is wrong with Atlassian support, this ticket was logged in in 2019, there is no response from the product team yet.
Since repository-stored specs require linked repositories, I was able to leverage the Plan.linkedRepositories() method to avoid storing SSH keys in the repository. That'll work for now, though it would be nice if the BitbucketServerRepository class properly made use of application links.
We are also having this problem. We have an application link between Bamboo Server and Bitbucket Server specifically to avoid the overhead of key management, but it seems that Atlassian has made it so Bamboo Specs cannot be used with application links. The Bamboo documentation says SSH keys are required if using repository-stored specs, which is a terrible idea. Secrets should NEVER be stored in source control, encrypted or not. What gives, Atlassian?
But wait, there's more. You can probably define shared credentials on project level, but Bitbucket server repositories cannot use that, lol. You need to specify ssh key pair.