[BAM-20557] Error 403 on connecting AWS CodeCommit to Bamboo as Linked repository

Type: Bug
Resolution: Unresolved
Priority: Low
Fix Version/s: None
Affects Version/s: 6.9.2
Component/s: Repository (Git)
Labels:
- bamboo-bugfix-kanban-candidate

Support reference count:
6
Symptom Severity:
Severity 2 - Major
UIS:
0
Bug Fix Policy:
View Atlassian Server bug fix policy

Issue Summary

Environment

The below fails for BambooServer 6.9.2. In Bamboo 5.15.3, acces to AWS CodeCommit worked for Git type, authetication with username and password and thus using HTTP protocol.

Steps to Reproduce

Setting up a Linked repository to AWS CodeCommit of generic Git type using username & password
The IAM user on AWS CodeCommit side has 'AWSCodeCommitFullAccess'
to the AWS CcodeCommit repository addresed in step 1
All other requirements like 'credential helper' being set and further needed AWS CodeCommit configuration is set as should

Expected Results

It should be able to successfully connect to AWS CodeCommit.

Actual Results

When terminating the setup of the Linked repository to AWS CodeCommitand pressing button "Test connection" on the end of this configuration page, connecting to the repository is not possible getting message pop-up saying "Fatal: Unable to access and error 403.

This happens because Bamboo inserts the username and '@' specified into the URL which AWS CodeCommit is apparently not accepting.

This is common Bamboo procedure and e.g. works perfectly like that for Bitbucket Cloud or GitHub.

Notes

When running git clone from command-line on the box hosting Bamboo Server, with the same username and password but without username and '@' before the AWS CodeCommit URL, things work fine. Please see below.

bamboo@ip-10-0-0-154:/tmp$ git clone https://git-codecommit.us-east-1.amazonaws.com/v1/repos/WTOP-Docker-build
 Cloning into 'WTOP-Docker-build'...
 Username for 'https://git-codecommit.us-east-1.amazonaws.com': bamboo-wtop-at-498104006619
 Password for 'https://bamboo-wtop-at-498104006619@git-codecommit.us-east-1.amazonaws.com': 
 remote: Counting objects: 8527, done.
 Receiving objects: 100% (8527/8527), 38.21 MiB | 6.28 MiB/s, done.
 Resolving deltas: 100% (2048/2048), done.
 Checking connectivity... done.

Inserting the username like Bamboo Server does and running the same git clone, re-prints the same error message and errro 403 as Bamboo does when setting up the Linked repository for AWS CodeCommit. So it fails as shown below.

bamboo@ip-10-0-0-154:/tmp$ git clone https://bamboo-wtop-at-498104006619@git-codecommit.us-east-1.amazonaws.com/v1/repos/WTOP-Docker-build/
 Cloning into 'WTOP-Docker-build'...
 fatal: unable to access 'https://bamboo-wtop-at-498104006619@git-codecommit.us-east-1.amazonaws.com/v1/repos/WTOP-Docker-build/': The requested URL returned error: 403

Workaround

Use git commands from out of a Bamboo Script task and within those, only use the AWS CodeCommit URL, without username (as of the above note)
You might use the SSH protocol and credentials for setting up a Linked repository for AWS CodeCommit. THough to succeed, you need toto configure: ~/.ssh/config, according to "SSH to codecommit: Step 3 #7" as of
Setup Steps for SSH Connections to AWS CodeCommit Repositories on Linux, macOS, or Unix

SET Analytics Bot made changes - 14/Jan/2025 2:46 AM

UIS

Original: 1

New: 0

SET Analytics Bot made changes - 10/Jan/2025 2:53 AM

UIS

Original: 0

New: 1

SET Analytics Bot made changes - 06/Dec/2024 2:35 AM

UIS

Original: 1

New: 0

SET Analytics Bot made changes - 20/Feb/2024 3:10 AM

UIS

Original: 2

New: 1

SET Analytics Bot made changes - 26/Jan/2024 2:29 AM

UIS

Original: 18

New: 2

SET Analytics Bot made changes - 23/Jan/2024 2:33 AM

UIS

Original: 1

New: 18

Yury Hayeu added a comment - 05/Jan/2024 10:18 PM

1. In repository settings set Authentication type: None
2. Save credentials in git credential helper
3. Add bamboo system property: bamboo.git.password.use.credentials.file=false
4. Enjoy

Yury Hayeu added a comment - 05/Jan/2024 10:18 PM 1. In repository settings set Authentication type: None 2. Save credentials in git credential helper 3. Add bamboo system property: bamboo.git.password.use.credentials.file=false 4. Enjoy

SET Analytics Bot made changes - 22/Jul/2023 2:29 AM

UIS

New: 1

Ricardo Martinez added a comment - 05/May/2022 11:45 AM

Were you able to do this, without using ssh?

Ricardo Martinez added a comment - 05/May/2022 11:45 AM Were you able to do this, without using ssh?

Bugfix Automation Bot made changes - 25/May/2021 2:00 PM

Support reference count

Original: 5

New: 6

Assignee:: Unassigned

Reporter:: Gerhard Forster (Inactive)

Affected customers:: 3 This affects my team

Watchers:: 10 Start watching this issue

Created:: 31/Jul/2019 4:10 PM

Updated:: 14/Jan/2025 2:46 AM

Details

Description

Issue Summary

Environment

Steps to Reproduce

Expected Results

Actual Results

Notes

Workaround

Attachments

Forms

Activity

Collapse comment: Yury Hayeu added a comment - 05/Jan/2024 10:18 PM

Expand comment: Yury Hayeu added a comment - 05/Jan/2024 10:18 PM

Collapse comment: Ricardo Martinez added a comment - 05/May/2022 11:45 AM

Expand comment: Ricardo Martinez added a comment - 05/May/2022 11:45 AM

People

Dates