Search

Syntax Help
AdvancedBasic
Order by
  1. Bug
    JENKINS-75365Build Now action in Bitbucket couldn't be initiated
  2. Bug
    JENKINS-75325serverId using JobDSL is not working
  3. Bug
    JENKINS-75277Pipeline Job configuration cannot suggest (autocomplete) the bitbucket project and repository fields
  4. Improvement
    JENKINS-75228HMAC Capability for Atlassian Bitbucket Server Integration Plugin in Jenkins
  5. Bug
    JENKINS-75088Couldn't find any revision to build for PR build
  6. Bug
    JENKINS-74947Pull request builds dont show up in build list of the pull request
  7. New Feature
    JENKINS-74935In 'Adding Bitbucket Server Instance', allow SSH URLs
  8. Bug
    JENKINS-74807Cannot send authorized callback to bitbucket
  9. Bug
    JENKINS-74799PR builds don't work on Bitbucket Server Integration
  10. Bug
    JENKINS-73854Bitbucket Server consumers with bitbucket app link is incompatible
  11. Bug
    JENKINS-73680Failures to fetch Pull request refs from a mirror
  12. Bug
    JENKINS-73637Project Name Must be Project Key When Configuring Webhooks via Job DSL
  13. Bug
    JENKINS-73502GIT_BRANCH Variable Now Contains the Remote Name
  14. Task
    JENKINS-73494[QUESTION] How to set custom environments for JBitbucket server integration
  15. Bug
    JENKINS-73395Unable to Trigger a Jenkins Build manually
  16. New Feature
    JENKINS-73117Support for the parameterized builds
  17. Bug
    JENKINS-73085Git Parameter does not work with BitBucket Server Integration plugin
  18. Bug
    JENKINS-73066This plugin inefficiently retrieves the credential from system configuration every time
  19. Bug
    JENKINS-73032Cannot use serverName as alternative to serverId using JobDSL
  20. Bug
    JENKINS-72907Triggering Bitbucket Pull Request Builds on the correct branch in Freestyle projects
  21. New Feature
    JENKINS-72896Support custom refspec
  22. Bug
    JENKINS-72765Bitbucket SCM Configuration unstable
  23. Bug
    JENKINS-72721Discovered Pull Requests are not merged against target branch when being built
  24. Bug
    JENKINS-72684Build notifications do not use job credentials but the global credentials
  25. Improvement
    JENKINS-72681Discovered Pull Requests are named with the PR ID instead of the PR title
  26. Bug
    JENKINS-72680Filter by Name on Discovered Pull Requests filters against PR ID instead of PR title
  27. Bug
    JENKINS-72573The Bitbucket Server Integration plugin for Jenkins does not always report build status
  28. Bug
    JENKINS-72350Bitbucket Server Integration plugin does send correct Source Branch to build status API
  29. New Feature
    JENKINS-72053Jenkins integration plugin: Add capability to use centralized Jenkinsfile for building multiple Bitbucket projects/repositories
  30. Bug
    JENKINS-71903Bitbucket Webhook starts new job on pipeline despite "Branches to build" configuration
  31. New Feature
    JENKINS-71864Need a feature to continue build trigger from Jenkins when "Branches to Build" option in Pipeline Jobs is specified to specific branch and pull request is opened using different source branch to "Branches to build" relevant branch.
  32. Bug
    JENKINS-71826Authentication error when attempting to clone using secret text credentials
  33. Improvement
    JENKINS-71770Document "branchName" serialization compatibility between Bitbucket Server Integration 3.5.0 and 3.6.0
  34. Improvement
    JENKINS-71682Allow filtering of triggering per branch
  35. Improvement
    JENKINS-71610Http timeout for bitbucket server is not configurable
  36. Bug
    JENKINS-71595Pull request update events do not trigger mirror jobs
  37. Improvement
    JENKINS-71385Atlassian Bitbucket Plugin Support for CasC
  38. Bug
    JENKINS-70806Mirrors listening for pull request events building old commits
  39. Bug
    JENKINS-70720Bitbucket add-on used to allow SSH-only builds, but now requires a "Credentials (for build auth)" user/password to be specified
  40. Bug
    JENKINS-70696Plugin logging message showing class and instance ID and not actual status
  41. New Feature
    JENKINS-70484Receive Webhook requests POST content in build
  42. New Feature
    JENKINS-70285Document support for Secret Text credential type in the plugin
  43. Improvement
    JENKINS-70012Perform lightweight checkout on tags
  44. Improvement
    JENKINS-69745Allow refspec with Bitbucket Server Plugin (BbS)
  45. Bug
    JENKINS-69449any job connected to specific bitbucket repository with "Bitbucket Server" updates last commit status
  46. New Feature
    JENKINS-69406Jenkins Templating Engine Support
  47. Bug
    JENKINS-69288Misleading message "Consumer key cannot be empty"
  48. Bug
    JENKINS-69203Button to add new branches not showing in pipeline SCM configuration
  49. Improvement
    JENKINS-69199Document how to restrict building to only build PRs
  50. Improvement
    JENKINS-69004Allow configuration of how unstable build in jenkins maps to bitbucket
Refresh results
1 of 93
Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-75365

Build Now action in Bitbucket couldn't be initiated

      The build now action in Bitbucket (see below) can't be initiated in Bitbucket Server Integration Plugin 4.1.4.

      I believe this is because version 4.1.4 fixes Jenkins Security Advisory 2025-01-22. However, CSRF protection is not disabled for this URL.

      Jenkins responds with the following:


      Bitbucket doesn't have access to the crumb generated by Jenkins in the Jenkins user's session and therefore can't provide it in the Jenkins-Crumb header.

      Rolling back the plugin to version 4.1.3 fixes this issue, but doesn't include the security fixes from 4.1.4

        1. Screenshot 2025-03-04 150326.png
          Screenshot 2025-03-04 150326.png
          8 kB
        2. Screenshot 2025-03-04 150425.png
          Screenshot 2025-03-04 150425.png
          6 kB
        3. Screenshot 2025-03-04 150953.png
          Screenshot 2025-03-04 150953.png
          60 kB

          Austin added a comment -

          The build now button seems to only work for freestyle jobs. In my case, I am trying to build a multibranch pipeline job.

          I believe it is because of the following code in src/main/java/com/atlassian/bitbucket/jenkins/internal/applink/oauth/serviceprovider/rest/OauthCrumbExclusion.java:

          List<String> getBuilds() {
    return Jenkins.get().getAllItems(Project.class).stream().map(project -> "/" + project.getUrl() + "build").collect(Collectors.toList());    }

          This only returns a list of build URL's for freestyle projects because of Project.class

          org.jenkinsci.plugins.workflow.job.WorkflowJob.class however will work for other types of projects.

          Therefore, since my multibranch pipeline build URL is not in this list, the URL doesn't get a CSRF protection exemption like it should.

          Austin added a comment - The build now button seems to only work for freestyle jobs. In my case, I am trying to build a multibranch pipeline job. I believe it is because of the following code in src/main/java/com/atlassian/bitbucket/jenkins/internal/applink/oauth/serviceprovider/rest/OauthCrumbExclusion.java: List< String > getBuilds() { return Jenkins.get().getAllItems(Project.class).stream().map(project -> "/" + project.getUrl() + "build" ).collect(Collectors.toList()); } This only returns a list of build URL's for freestyle projects because of Project.class org.jenkinsci.plugins.workflow.job.WorkflowJob.class however will work for other types of projects. Therefore, since my multibranch pipeline build URL is not in this list, the URL doesn't get a CSRF protection exemption like it should.

            Unassigned Unassigned
            aputland Austin
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: