Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket pipeline rsync deploy timeout problem

Ali İhsan İBİLEME
Ali İhsan İBİLEME
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 25, 2024

 

I am trying to deploy it on the server via bitbucket. I allowed the ip addresses on https://support.atlassian.com/bitbucket-cloud/docs/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall/. However, it comes from different ip addresses such as amazon and ali baba every time. I wonder what kind of problem could be here.

 

Screenshot from 2024-10-25 16-24-10.png

WhatsApp Image 2024-10-25 at 16.24.05.jpeg

 

Note: It was working until August 30th. It stopped working after the last change.

Answer
Watch
Like Be the first to like this
392 views

2 answers

1 accepted

2 votes
Answer accepted
Ali İhsan İBİLEME
Ali İhsan İBİLEME
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 30, 2024

Hi @Theodora Boudale

Thank you for your answer. I am using the atlassian infrastructure. However, the IP addresses I mentioned above https://ip-ranges.amazonaws.com/ip-ranges.json are not available here either. Because we allowed the ip addresses here.

We are currently using the Community/Academic (tiered) plan.

 

pipelines:
  branches:
    main:
      - parallel:
          - step:
              image: node:14.20.0-slim
              name: Install and Build NPM
              caches:
                - node
              artifacts:
                - public/build/**
              script:
                - npm install
                - npm run build
          - step:
              image: php:8.2-fpm
              name: Install Composer and Build PHP
              caches:
                - composer
              artifacts:
                - vendor/**
              script:
                - apt-get update && apt-get install -y build-essential libssl-dev zlib1g-dev libpng-dev libjpeg-dev libgmp-dev libfreetype6-dev openssl gnupg libgnutls30 zip redis bash curl

                # Install PHP Extensions Installer
                - curl -sSLf -o /usr/local/bin/install-php-extensions https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions
                - chmod +x /usr/local/bin/install-php-extensions
                - install-php-extensions gd gmp zip redis-6.0.2

      - step:
          name: Production Deploy
          deployment: production
          script:
            - pipe: atlassian/rsync-deploy:0.13.0
              variables:
                USER: '$USER'
                SERVER: '$SERVER'
            - pipe: atlassian/ssh-run:0.8.1
              variables:
                SSH_USER: '$USER'
                SERVER: '$SERVER'
                MODE: 'script'
                COMMAND: 'deploy-scripts/deploy.sh'
View More Comments
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 30, 2024

Hi Ali İhsan,

You can use https://thameera.com/awsip/ to check which CIDR block a given IP belongs to and confirm if it is from Amazon Web Services. I checked the IP addresses from the screenshot of you first question and they are not AWS IPs.

Can you please add the following command in the script of your production step, before the two pipes are executed?

- curl ifconfig.me

Please note that curl needs to be installed in the Docker image you use as a build container for this step, for the curl command to get executed. You can use image: atlassian/default-image:4 for this step, as it has curl preinstalled.

What IP address do you get from this command if you run a new build?

Can you then check the requests in the same software you checked the blocked ones, around the time that the new Pipelines build runs and see what IPs are listed?

Kind regards,
Theodora

Like Ali İhsan İBİLEME likes this
Reply
1 vote
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 28, 2024

Hi and welcome to the community!

Can you please confirm if the Pipelines step that does the deployment runs on Atlassian's infrastructure? If so, we migrated 1x- and 2x-size build steps to a new runtime and they now operate from new, broader IP ranges.

The IP ranges listed in the section "Atlassian IP ranges" of the documentation you shared are used only by steps of size 4x or larger that have the atlassian-ip-range flag:

This option will work only if your workspace is on the Standard or Premium plan.

In all other cases, the following applies (I am quoting from the same documentation page):

The machines that execute all steps on Atlassian Cloud Infrastructure, not just steps opted into atlassian-ip-ranges ranges, are hosted on Amazon Web Services. SSH keyscans are also performed from within this environment.

An exhaustive list of IP addresses that the traffic may come from on AWS can be found by using the following endpoint, filtering to records where the service equals EC2 or S3, and using the us-east-1 and us-west-2 regions.

So, you will need to check this list:

and filter to records where the service equals EC2 or S3, and using the us-east-1 and us-west-2 regions, and allowlist these IP ranges.

Alternatively, if you are on the Standard or Premium plan you can use a 4x step with the flag atlassian-ip-range and then you will only need to allowlist the more limited set of IPs from the "Atlassian IP ranges" section of our docs. Please keep in mind that 4x steps use four times the build minutes of 1x steps.

Please feel free to reach out if you have any questions.

Kind regards,
Theodora

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events