-
Suggestion
-
Resolution: Fixed
-
None
-
None
-
98
-
Hi everyone! It's been a long wait, but I have good news for you. In Bitbucket Server 7.13 we have released Advanced repository management. This feature helps to get a holistic view on all repositories in Bitbucket. It can help you find all orphaned repositories in just a few clicks. Select Personal (deleted users) option in Repositories type filter.
Note: We will add Repository size filter soon, so that figuring out which orphaned repositories occupy the most disk space will be easy.
To learn more about new features of Bitbucket Data Center 7.13 read the release notes.
Cheers,
Anton Genkin - Product Manager
Bitbucket Data Center
Original message
Summary
From this post in Answers we found a use case in which users that are removed from Stash or deactivated in an external User Directory might leave orphan personal repositories behind that are not accessible from the UI.
We should offer sysadmins a way to view these orphaned personal repositories so they can be managed.
Steps to Reproduce
Here is the scenario. I, the administrator, create a user. The user logs in and creates some repositories and only gives himself/herself access to said repositories.
The user is now fired and the administrator (actually the LDAP synchronization task) removes the user from Stash. How does the administrator find all of the repositories that the user created?
When I run this test, the repositories just seem to disappear. I have to know the names of the repositories to search for them and then I can add a new owner or delete them.
I work for a large organization and this scenario could lead to many orphaned repositories, because the administrator is not privy to every employee departure and certainly would not know what repositories were created by the user.
Scenario 1: Internal Database
- Create a user in the Stash Internal Database
- Add at least Global permissions to it
- Log in as the newly created user
- Go to its profile and create a personal repo
- As an admin user, delete the user
- You will have created an orphan repo
Scenario 2: External Directory
- Create a user in the External Directory you've got (i.e. LDAP, Crowd or JIRA)
- Add at least Global permissions to it
- Log in as the newly created user
- Go to its profile and create a personal repo
- As an admin of the User Directory, de-activate the user
- You will have created an orphan repo
Expected Results
The repo will still be there, but the Stash administrator will have a way to easily find repos on that situation.
Actual Results
The repo will still be there, but the Stash administrator will have a way to easily find repos on that situation.
This ties back to STASH-3564 as there should be a better way to visualize/browse personal repositories
Workaround
You will be able to find the orphan users/repos if you run the query below against your database:
select snu.name, r.slug from sta_personal_project spr, repository r, sta_normal_user snu where spr.project_id=r.project_id and spr.owner_id=snu.user_id and snu.name not in (select u.lower_user_name from cwd_user u join cwd_directory d on u.directory_id = d.id where d.is_active='T' and u.is_active='T');
Important: do not change anything on your database. With the information above, as a Stash administrator, you will be able to hit the orphan profile page of that user and remove its repo. You will have to browse straight into their profile page by hitting the following URL:
http://<Stash_URL>/users/<username_from_query_above>
On this page you will be able to see all the user's orphan repos. From there, you can browse into the repo "Settings" and delete the repo on the top right button of the next screen.
If you need the deletion to be done in bulk, you can programmatically do it using the DELETE method using curl, for example, calling this REST API in Stash.
- is duplicated by
-
- Closed
- relates to
-
- Gathering Interest
- mentioned in
-
Page Failed to load
-
Page Failed to load
-
Page Failed to load
-
Page Loading...
-
-
-
-
-
[BSERV-7265] Allow sysadmins to view orphaned repositories in Stash
Hi everyone! It's been a long wait, but I have good news for you. In Bitbucket Server 7.13 we have released Advanced repository management. This feature helps to get a holistic view on all repositories in Bitbucket. It can help you find all orphaned repositories in just a few clicks. Select Personal (deleted users) option in Repositories type filter.
Note: We will add Repository size filter soon, so that figuring out which orphaned repositories occupy the most disk space will be easy.
To learn more about new features of Bitbucket Data Center 7.13 read the release notes.
Cheers,
Anton Genkin - Product Manager
Bitbucket Data Center
For me this is a big issue because I keep finding orphaned repos. And I'm not talking about the personal ones.
Latest time this happened was 5 days ago when one of our users deleted a repo and, even now, I can find its folder on the server with all its 20GB of data. And yes, that's 20GB :|
What's also sad is that there's no good way to audit the repos/projects from a server prospective. You can see it on the individual projects, but that's just not good enough for a server.
Of course, this is in reality a bug since the deleted repo isn't removed from the disk,
Hi all,
Thank you so much for your votes and comments on this suggestion.
We are envisioning solutions for cleanup and better repository management and would like to invite you to take part in the research:
- Session is 30 minutes and conducted over Zoom, so you can participate from anywhere around the globe.
- During the call, we'll chat about your needs for better repository management and discuss some ideas we have.
- As a token of appreciation, you'll receive an e-gift card worth $50 USD within 5 days of completing your session.
If you're interested in participating, please send me an email at agenkin@atlassian.com
with a few words about your company and your role.
Cheers,
Anton Genkin
Bitbucket Data Center
Went looking for the "Personal Repos for Bitbucket Server" app, but development has long since lapsed and it is no longer compatible with the current version of bitbucket. We migrated users to a new AD domain and with some artistic user management we were able to maintain project associations, roles, etc, but lost the personal repository access.
I don't see a current marketplace app to provide this functionality.
Every query on https://confluence.atlassian.com/bitbucketserverkb/how-to-find-personal-repositories-of-deleted-users-779171148.html didn't work for me on Postgres. /shrug
URL provided within workaround (http://<Stash_URL>/users/<username_from_query_above>) doesn't work for me.
Solution was to within https://confluence.atlassian.com/bitbucketserverkb/how-to-find-personal-repositories-of-deleted-users-779171148.html proper URL is: http://<BITBUCKET_SERVER>:7990/projects/~<USER_NAME_FROM_SQL>/repos/<REPOSITORY_NAME>/browse
From Enterprise perspective case when we need to align with Legal about that what is stored under our instance is allowed. This is painful with UI not providing such possibilities.
@Kubik
I was also disappointed that there is no integrated admin view for personal repositories ... Over the years, we have had a lot of employees who have left and have not removed your personal repos before.
I use a Plugin "Personal Repos for Bitbucket Server" that helps me to see very quick all personal repositories and also to find (indirectly) orphaned personal repos because of "inactive" users.
In the "Personal Repositories" View (Administration -> Accounts -> Personal Repositories) you can see all users that have personal repositories (with the sum of the size of all their repos "+1") the and secound hint is, that you can see right to the name of the user she/he is already [Inactive] "+1"
Until now I don't use or tested the Permission-Feature of that plugin (where you can obviously restrict the personal repository usage).
I hope it helps a little ...
Kelly Kubik
added a comment - How is this still an issue? Enterprises are using your software, start adding enterprise functionality. I have to do an SQL query to find all the orphaned user repos manually? Why isn't there a way to do this through the admin console? To the root of the problem, why can't I turn off personal repos through the admin console?
Kelly Kubik
added a comment - How is this still an issue? Enterprises are using your software, start adding enterprise functionality. I have to do an SQL query to find all the orphaned user repos manually? Why isn't there a way to do this through the admin console? To the root of the problem, why can't I turn off personal repos through the admin console? Bitbucket Server will never delete repositories unless explicitly told to. Personal repositories created users who later become inactive or are deleted are never automatically deleted because the system can't know what might be lost by doing so. Sometimes it's not readily apparent, when a given user leaves, exactly how important all their repositories are. If they wrote and deployed a bit of code, and it's working well, it could be weeks, or months, before an issue with it leads to someone realizing it's stored in an "orphaned" repository.
Best regards,
Bryan Turner
Atlassian Bitbucket
Thanks!
Time to plan the next update
Davide.