How to bypass Verify Committer Hook in Bitbucket Data Center
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
In Bitbucket, the Verify Committer Hook is enabled at either the Project or Repository level and user validation through the Verify Committer Hook needs to be bypassed for service users.
Environment
Bitbucket Server 7.21.19
Applies to Bitbucket Server/Data Center 8.x
Solution
There are two possible approaches to bypass the Verify Committer Hook in Bitbucket as below. Users can follow either of them.
First Approach: By using Project or Repository level HTTP Access Token (not user personal access token).
- In this approach, the user needs to create a Project/Repository HTTP Access Token with the required permission for the service account user.
- Once it is done, the user needs to share the below REST API call with the team members (Developers) with the newly created HTTP Access Token to clone the repositories in their environment or machines.
git clone -c http.extraHeader='Authorization: Bearer NzgwNzI5NTk1OTk0REDSFSHAiVExf712ERTYUIP' <Repository Clone URL>
Here replace NzgwNzI5NTk1OTk0REDSFSHAiVExf712ERTYUIP with your newly generated Project/Repository HTTP access token and <Repository Clone URL> with your repository clone url.
Example:
git clone -c http.extraHeader='Authorization: Bearer NzgwNzI5NTk1OTk0ASDFGHJKLOIKFhI9' https://linux-host/bitbucket/scm/test/test_token.git- Once, Developers are done with the clone of the repository and performs the push the code after changes, the token approach should bypass Verify Committer Hook.
- Push log under Repository settings will help user to monitor the Developers details who has performed the changes in the repository.
Second Approach: Using .mailmap file (explaining below as bare repository example)
- In this approach, just think Verify Committer Hook is not enabled on the repository.
- User need to clone the bare repository from Bitbucket on the client machine.
- Once done, need to create a .mailmap file (like any text file) and need to add the following entry for each user:
User1_name <User1_EmailID> User2_name <User2_EmailID>
Here User2_name and <User2_EmailID> are the names and email id of the users who should be bypassed (developer details).
User1_name and <User1_EmailID> are the name and email ID of the user which should be replaced with User2 (means service user).
Example: service_user <service_user@xyz.com> developer1 <developer1@xyz.com>
Note:
a. Please don't remove <> signs before and after email id. Email id should be with <> signs like <service_user@xyz.com>
b. User can add multiple entries in the same pattern.
- Once done, place a commit and push the changes (which means push the .mailmap file to Bitbucket).
- Now Enable Verify Committer Hook in Bitbucket UI.
- Advise Developer team to clone the repository on their local machines and push the changes after applying any modification to the code like any other file present in the repository or by creating a new file in the cloned repository.
- Once done, verify the behavior and share the result with us.
- Here also, Push log under Repository settings will help user to monitor the developer details who has performed the changes in the repository.