How to push to repository under SSH protocol using Script task

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

The following instructions only work with SSH keys with no passphrase defined. You can optionally run an ssh-agent that will manage SSH keys that contain a password. How to use an ssh-agent is out of the scope of this article.

This page is available as a courtesy only and its content should be considered as legacy documentation. If you are running Bamboo 6.7 or later, please use a Source control task instead to commit/push in Bamboo. A Source control task provides you with all the required authentication and control in a transparent way. Scripting and SSH configurations are unsupported and their results are not guaranteed.

Purpose

Set up Bamboo to be able to push source code to your Git repository using the SSH protocol (from the Bamboo Server as a Local Agent or a Bamboo Remote or Elastic Agent). You will need to prepare every Bamboo Agent with those keys so they are able to push and pull changes from your Bitbucket repository. Your Bitbucket repository (or any Git repository you wish to use) should have those SSH public keys approved.

Solution

1. Generate Public and Private keys:

For accessing Bitbucket Cloud or Server over SSH without a configured Application Link, you will need an SSH keypair. This is also true for other third-party Git Server implementations. There are many ways to generate an SSH keypair. We'll cover a few:

  1. Using OpenSSH Client - For this, we need to install the OpenSSH Client then use the ssh-keygen command to generate the keys
  2. Using Putty to generate the keys

In this article, we will be using Putty for generating the SSH keys.

  1. Download the Putty client and install it
  2. Go to the Putty install directory and then execute the puttygen application
  3. Hit on "Generate" and then start moving your mouse to generate the keys
  4. Once the keys are generated, copy the public key and save it to the directory <path-to-Users>\<user-name>\.ssh or $HOME\.ssh with the file name id_rsa.pub
  5. Now in your puttygen application, go to "Conversions" and then select "Export OpenSSH Key" to export the private key to the directory <path-to-Users>\<user-name>\.ssh or $HOME\.ssh with the file name id_rsa

2. Edit the "hosts" file and set up an SSH host alias

For Linux/Unix:
  • Edit "hosts" file ("/etc/hosts")

Provide a hostname to access our repository in Stash/Bitbucket Server, e.g.

192.168.10.85    stash.repository
  • Set up an SSH config file

Edit $HOME/.ssh/config and add the following:

# contents of $HOME/.ssh/config
Host stash.repository
	StrictHostKeyChecking no
	HostName 192.168.10.85
	IdentityFile /root/.ssh/id_rsa

Host

This means that you can simply type $ ssh stash.repository and the options will be read from the configuration file.

StrictHostKeyCheckingIf this flag is set to "no", SSH will automatically add new host keys to the user's known_hosts file.
HostName

Specifies the real hostname to log into.

IdentityFileThe use of IdentityFile allows you to specify exactly which private key you wish to use for authentication with the given host.


Refer to ssh_config for further information.

For Windows:
  • Edit "hosts" file ("C:\Windows\System32\drivers\etc\hosts")

Provide a hostname to access our repository in Stash/Bitbucket Server, e.g.

192.168.10.85    stash.repository

3. Configure Bitbucket

Add the generated SSH public keys to your Bitbucket repository:

4. Set up a Script task

In Bamboo, add a Script task to your existing Job after the Source Code Checkout task:

The Script task below needs to come after a Source Code Checkout task. The Source Code Checkout task will prepare the build location by initialising the git directory and executing the initial fetch, hence there is no need to run those git init/fetch commands in the script task below.

Script task "git push - no passphrase"
echo "# =================== #"
echo "# git remote set-url origin"
echo "# =================== #"
git remote set-url origin "ssh://stash.repository:7999/bam/ssh.git"

echo "# =================== #"
echo "# git config -l"
echo "# =================== #"
git config -l

echo "# =================== #"
echo "# git config user"
echo "# =================== #"
git config --local user.name root
git config --local user.email root@localhost

echo "# =================== #"
echo "# create file"
echo "# =================== #"
echo "${bamboo.planKey}-${bamboo.buildNumber}" >> file.txt

echo "# =================== #"
echo "# git add file.txt"
echo "# =================== #"
git add file.txt

echo "# =================== #"
echo "# git commit"
echo "# =================== #"
git commit -m "add ${bamboo.planKey}-${bamboo.buildNumber}"

echo "# =================== #"
echo "# git push origin master"
echo "# =================== #"
git push origin master

Test

Run a new build and you should find the following in the build logs:

Build log "git push - no passphrase"
simple	29-May-2015 16:34:27	Starting task 'git push - no passphrase' of type 'com.atlassian.bamboo.plugins.scripttask:task.builder.script'
command	29-May-2015 16:34:27	Beginning to execute external process for build 'Repositories - Git (Stash) - Default Job #2 (REP-GS-JOB1-2)'\n ... running command line: \n/bin/sh /tmp/REP-GS-JOB1-2-ScriptBuildTask-1848464132733721778.sh\n ... in: /<bamboo-home>/xml-data/build-dir/REP-GS-JOB1\n ... using extra environment variables: 
...
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git remote set-url origin
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git config -l
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	core.repositoryformatversion=0
build	29-May-2015 16:34:27	core.filemode=true
build	29-May-2015 16:34:27	core.bare=false
build	29-May-2015 16:34:27	core.logallrefupdates=true
build	29-May-2015 16:34:27	remote.origin.url=ssh://stash.repository:7999/bam/ssh.git
build	29-May-2015 16:34:27	remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git config user
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# create file
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git add file.txt
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git commit
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	[master dfcbee9] add REP-GS-2
build	29-May-2015 16:34:27	 1 file changed, 1 insertion(+)
build	29-May-2015 16:34:27	# =================== #
build	29-May-2015 16:34:27	# git push origin master
build	29-May-2015 16:34:27	# =================== #
error	29-May-2015 16:34:27	To ssh://stash.repository:7999/bam/ssh.git
error	29-May-2015 16:34:27	   99e9848..dfcbee9  master -> master
simple	29-May-2015 16:34:27	Finished task 'git push - no passphrase' with result: Success

Last modified on Mar 20, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.