  1. Bitbucket Cloud
  2. BCLOUD-19457

Restrict who has the ability to edit the bitbucket-pipelines.yml file


    Description

      Currently, anyone who has at least write access to a repository is able to edit its bitbucket-pipelines.yml file.

      This is a problem because Pipelines, as a CI/CD platform, may have access to restricted environments that any common user shouldn't really have. Allowing anyone with write access to edit bitbucket-pipelines.yml files basically gives them the ability to run arbitrary commands that may be unwanted.

       

      The suggestion, in this case, would be to restrict everyone from using the bitbucket-pipelines.yml file, except users who get explicitly whitelisted to edit this file.

            People

              Unassigned
              lmontiel@atlassian.com Leonardo M
              Votes: 79
              Watchers: 46
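
An audit for the gap described in this issue, as an added example (not part of the original ticket and not Atlassian code): it lists the commits that changed bitbucket-pipelines.yml and flags authors outside an allowlist. The allowlist, e-mail addresses and sample log are constructed assumptions; Git author e-mails are self-asserted, so treat the result as a detection signal and run it outside the repository's own pipeline, where an editor of the file cannot remove it.

```python
import subprocess
import sys

PIPELINE_FILE = "bitbucket-pipelines.yml"
# Assumption: hypothetical allowlist of author e-mails permitted to edit the file.
ALLOWED_EDITORS = {"release-eng@example.com"}

# Constructed sample of `git log --format=%H%x09%ae%x09%s -- bitbucket-pipelines.yml`.
SAMPLE_LOG = (
    "a1b2c3d\trelease-eng@example.com\tBump deploy image\n"
    "d4e5f6a\tDev.One@example.com\tAdd debug step to pipeline\n"
)

def parse_git_log(text):
    """Turn tab-separated git log lines into (sha, author_email, subject) tuples."""
    commits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        sha, email, subject = line.split("\t", 2)
        commits.append((sha, email.strip().lower(), subject))
    return commits

def unauthorized_edits(commits, allowed=ALLOWED_EDITORS):
    """Return the commits whose author is not on the allowlist."""
    allowed = {a.lower() for a in allowed}
    return [c for c in commits if c[1] not in allowed]

def audit_repo(repo_path, rev_range="HEAD"):
    """Audit a local clone: only commits touching the pipeline file are listed."""
    out = subprocess.run(
        ["git", "-C", repo_path, "log", "--format=%H%x09%ae%x09%s",
         rev_range, "--", PIPELINE_FILE],
        check=True, capture_output=True, text=True,
    ).stdout
    return unauthorized_edits(parse_git_log(out))

if __name__ == "__main__":
    # With a path argument, audit that clone; otherwise use the constructed sample.
    if len(sys.argv) > 1:
        flagged = audit_repo(sys.argv[1])
    else:
        flagged = unauthorized_edits(parse_git_log(SAMPLE_LOG))
    for sha, email, subject in flagged:
        print(f"{sha} {email}: {subject}")
    sys.exit(1 if flagged else 0)
```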
