Oracle Cloud Infrastructure Documentation

Creating a Bitbucket Server Configuration Source Provider

Create a configuration source provider in Resource Manager from Bitbucket Server.

Before You Begin

Following are the prerequisites to connect Oracle Cloud Infrastructure Resource Manager to Bitbucket Server.

Private server
Public server
Access token
  • Permissions to clone the repository and read the server information
  • Stored as a secret in a vault that you can access (through policies) when creating the configuration source provider

Creating a Certificate

Create a server certificate, certificate chain, and private key for a private Bitbucket server.

  1. Note the passphrase to use for creating the certificate.
  2. Connect to your private compute instance.
  3. Create the server certificate.

    For example, use the OpenSSL command line application.

    • For Linux, run: sudo yum install openssl
    • For MacOS, run: brew install openssl
    • For Windows, download the openssl binary from Win32/Win64 OpenSSL and configure the environment.

    Example commands, using vi for file creation (you can alternatively use touch):

    sudo openssl genrsa -des3 -out myCA.key 2048
sudo openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
sudo openssl genrsa -des3 -out <key-name>.key 2048 
sudo openssl req -new -key <key-name>.key -out <key-name>.csr
sudo vi ./<file-name> 
sudo openssl x509 -req -in <key-name>.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial -out rms<key-name>.crt -days 825 -sha256 -extfile <key-name>.ext
cat <key-name>.crt
cat myCA.pem
sudo touch cert_chain.crt
  4. Create the certificate chain (cert_chain.crt):
    1. Copy the contents of <key-name>.crt to the top of cert_chain.crt.
    2. Underneath, copy the contents of myCA.pem.
      The root certificate (.pem contents) must follow the individual certificate (.crt contents).
    3. Save the file.
  5. Create the private key (<key-name>.npass.key) by running the following OpenSSL command: 
    sudo openssl rsa -in <key-name>.key -out <key-name>.npass.key

Importing an Existing Certificate

To access a private Bitbucket server, make its associated SSL certificate available in the Oracle Cloud Infrastructure Certificates service.

For more information about the Certificates service, see Certificates.

  1. Note the passphrase and the locations of the certificate chain, server certificate, and private key.
    See Creating a Certificate.
  2. Import the certificate.

    See Importing a Certificate.

    After the certificate is in the Certificates service, you can select it along with a private endpoint when you create the configuration source provider.

  • After completing all the prerequisites, follow these steps in the Console to create a configuration source provider from Bitbucket Server.
    1. Open the navigation menu and click Developer Services. Under Resource Manager, click Configuration Source Providers.
    2. On the Configuration source providers page, select a compartment.
    3. Click Create configuration source provider.
    4. In the Create configuration source provider panel, enter a name and optional description for the configuration source provider. Avoid entering confidential information.
    5. Select the compartment that you want to create the configuration source provider in.
    6. (Optional) To use a private endpoint, follow these steps:
      1. Click Private endpoint.
      2. Select or create a private endpoint. To select a private endpoint or certificate in a different compartment, click Change Compartment.
      3. Select an SSL certificate.
      For more information about private endpoints for private servers, see Private Git Server.
    7. For Type, select Bitbucket Server.
    8. Enter the following values:
      • Server URL: The Bitbucket Server service endpoint. Example: my-private-bitbucket-server.example.com
      • Vault: Vault service where the secret is stored.
      • Secret: Secret for authorization.
    9. (Optional) Click Show advanced options and assign tags to the configuration source provider.
      • Tag namespace: To add a defined tag, select an existing namespace. To add a free-from tag, leave the value blank.
      • Tag key: To add a defined tag, select an existing tag key. To add a free-form tag, type the key name that you want.
      • Tag value: Type the tag value that you want.
      • Add tag: Click to add another tag.
    10. Click Create.
    11. To confirm that Resource Manager can access the server URL using the provided authentication information, click the name of the configuration source provider to open the Configuration source provider information page, and then click Validate connection.

  • Use the oci resource-manager configuration-source-provider create-bitbucket-server-access-token-provider command and required parameters to create a configuration source provider from Bitbucket Server.

    oci resource-manager configuration-source-provider create-bitbucket-server-access-token-provider --api-endpoint <Bitbucket_Server_service_endpoint> --secret-id <secret_OCID>

    For a complete list of parameters and values for CLI commands, see the Command Line Reference for Resource Manager.

  • Run the CreateConfigurationSourceProvider operation to create a configuration source provider from Bitbucket Server.

    For an example of the configSourceProviderType part of the request, see CreateBitbucketServerAccessTokenConfigurationSourceProviderDetails.