From 7451665677a319d478603fba256e51205a3a8d5c Mon Sep 17 00:00:00 2001 From: sulaim-one2n Date: Thu, 11 Jun 2026 14:32:34 +0530 Subject: [PATCH] feat(gitops): support OAuth bearer token authentication for Bitbucket Cloud Allows authenticating the Bitbucket REST API client via an OAuth Bearer token when the configured username is empty or "x-token-auth". This enables the use of Bitbucket Repository/Project Access Tokens instead of only App Passwords. - Updates NewGitBitbucketClient to conditionally instantiate the client using NewOAuthbearerToken or NewBasicAuth depending on the username. --- .../gitOps/git/GitServiceBitbucket.go | 21 ++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/pkg/deployment/gitOps/git/GitServiceBitbucket.go b/pkg/deployment/gitOps/git/GitServiceBitbucket.go index c0ffd7787b..ce2ea5d203 100644 --- a/pkg/deployment/gitOps/git/GitServiceBitbucket.go +++ b/pkg/deployment/gitOps/git/GitServiceBitbucket.go @@ -21,12 +21,6 @@ import ( "crypto/tls" "errors" "fmt" - "github.com/devtron-labs/common-lib/utils/retryFunc" - bean2 "github.com/devtron-labs/devtron/api/bean/gitOps" - "github.com/devtron-labs/devtron/pkg/deployment/gitOps/git/bean" - "github.com/devtron-labs/devtron/util" - "github.com/devtron-labs/go-bitbucket" - "go.uber.org/zap" "io/ioutil" "math/rand" "os" @@ -35,6 +29,13 @@ import ( "strconv" "strings" "time" + + "github.com/devtron-labs/common-lib/utils/retryFunc" + bean2 "github.com/devtron-labs/devtron/api/bean/gitOps" + "github.com/devtron-labs/devtron/pkg/deployment/gitOps/git/bean" + "github.com/devtron-labs/devtron/util" + "github.com/devtron-labs/go-bitbucket" + "go.uber.org/zap" ) const ( @@ -52,7 +53,13 @@ type GitBitbucketClient struct { } func NewGitBitbucketClient(username, token, host string, logger *zap.SugaredLogger, gitOpsHelper *GitOpsHelper, tlsConfig *tls.Config) GitBitbucketClient { - coreClient := bitbucket.NewBasicAuth(username, token) + var coreClient *bitbucket.Client + if username == "x-token-auth" || username == "" { + coreClient = bitbucket.NewOAuthbearerToken(token) + } else { + coreClient = bitbucket.NewBasicAuth(username, token) + } + httpClient := util.GetHTTPClientWithTLSConfig(tlsConfig) coreClient.HttpClient = httpClient logger.Infow("bitbucket client created", "clientDetails", coreClient)