bitbucket.md 5.41 KB
Newer Older
1
# Integrate your GitLab server with Bitbucket Cloud
2

3 4 5
NOTE: **Note:**
You need to [enable OmniAuth](omniauth.md) in order to use this.

6 7
Import projects from Bitbucket.org and login to your GitLab instance with your
Bitbucket.org account.
8

9
## Overview
10

11
You can set up Bitbucket.org as an OAuth2 provider so that you can use your
12 13
credentials to authenticate into GitLab or import your projects from
Bitbucket.org.
14

15
- To use Bitbucket.org as an OmniAuth provider, follow the [Bitbucket OmniAuth
16 17 18 19
  provider](#bitbucket-omniauth-provider) section.
- To import projects from Bitbucket, follow both the
  [Bitbucket OmniAuth provider](#bitbucket-omniauth-provider) and
  [Bitbucket project import](#bitbucket-project-import) sections.
20

21 22 23
## Bitbucket OmniAuth provider

> **Note:**
24
GitLab 8.15 significantly simplified the way to integrate Bitbucket.org with
25 26
GitLab. You are encouraged to upgrade your GitLab instance if you haven't done so
already. If you're using GitLab 8.14 or below, [use the previous integration
27
docs][bb-old].
28 29

To enable the Bitbucket OmniAuth provider you must register your application
30
with Bitbucket.org. Bitbucket will generate an application ID and secret key for
31
you to use.
32

33 34 35
1.  Sign in to [Bitbucket.org](https://bitbucket.org).
1.  Navigate to your individual user settings (**Bitbucket settings**) or a team's
    settings (**Manage team**), depending on how you want the application registered.
36
    It does not matter if the application is registered as an individual or a
37 38 39
    team, that is entirely up to you.
1.  Select **OAuth** in the left menu under "Access Management".
1.  Select **Add consumer**.
40
1.  Provide the required details:
41

42 43 44 45
    | Item | Description |
    | :--- | :---------- |
    | **Name** | This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or something else descriptive. |
    | **Application description** | Fill this in if you wish. |
46
    | **Callback URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com/users/auth`. |
47
    | **URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. |
48

49 50 51 52
    NOTE: Be sure to append `/users/auth` to the end of the callback URL
    to prevent a [OAuth2 convert
    redirect](http://tetraph.com/covert_redirect/) vulnerability.

53 54 55 56
    NOTE: Starting in GitLab 8.15, you MUST specify a callback URL, or you will
    see an "Invalid redirect_uri" message. For more details, see [the
    Bitbucket documentation](https://confluence.atlassian.com/bitbucket/oauth-faq-338365710.html).

57
    And grant at least the following permissions:
58

59
    ```
60
    Account: Email, Read
61
    Projects: Read
62 63 64
    Repositories: Read
    Pull Requests: Read
    Issues: Read
65
    Wiki: Read and Write
66
    ```
67

68
    ![Bitbucket OAuth settings page](img/bitbucket_oauth_settings_page.png)
69

70 71
1.  Select **Save**.
1.  Select your newly created OAuth consumer and you should now see a Key and
72
    Secret in the list of OAuth consumers. Keep this page open as you continue
73
    the configuration.
74

75
      ![Bitbucket OAuth key](img/bitbucket_oauth_keys.png)
76

77
1.  On your GitLab server, open the configuration file:
78 79

    ```
80 81
    # For Omnibus packages
    sudo editor /etc/gitlab/gitlab.rb
82

83 84 85 86 87
    # For installations from source
    sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
    ```

1.  Add the Bitbucket provider configuration:
88

89
    For Omnibus packages:
90 91

    ```ruby
92 93
    gitlab_rails['omniauth_enabled'] = true

94 95 96
    gitlab_rails['omniauth_providers'] = [
      {
        "name" => "bitbucket",
97 98
        "app_id" => "BITBUCKET_APP_KEY",
        "app_secret" => "BITBUCKET_APP_SECRET",
99 100 101
        "url" => "https://bitbucket.org/"
      }
    ]
102 103
    ```

104
    For installations from source:
105

106
    ```yaml
107 108 109 110 111 112 113
    omniauth:
      enabled: true
      providers:
        - { name: 'bitbucket',
            app_id: 'BITBUCKET_APP_KEY',
            app_secret: 'BITBUCKET_APP_SECRET',
            url: 'https://bitbucket.org/' }
114 115
    ```

116 117 118 119 120
    ---

    Where `BITBUCKET_APP_KEY` is the Key and `BITBUCKET_APP_SECRET` the Secret
    from the Bitbucket application page.

121
1.  Save the configuration file.
122 123
1.  For the changes to take effect, [reconfigure GitLab][] if you installed via
    Omnibus, or [restart][] if installed from source.
124

125 126 127
On the sign in page there should now be a Bitbucket icon below the regular sign
in form. Click the icon to begin the authentication process. Bitbucket will ask
the user to sign in and authorize the GitLab application. If everything goes
128
well, the user will be returned to GitLab and will be signed in.
129 130 131

## Bitbucket project import

132 133
Once the above configuration is set up, you can use Bitbucket to sign into
GitLab and [start importing your projects][bb-import].
134

135 136
If you want to import projects from Bitbucket, but don't want to enable signing in,
you can [disable Sign-Ins in the admin panel](omniauth.md#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources).
137

138
[init-oauth]: omniauth.md#initial-omniauth-configuration
139 140
[bb-import]: ../workflow/importing/import_projects_from_bitbucket.md
[bb-old]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-14-stable/doc/integration/bitbucket.md
141
[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints
142 143
[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
[restart]: ../administration/restart_gitlab.md#installations-from-source