bitbucket.md 5.41 KB
Newer Older
Stan Hu's avatar
Stan Hu committed
1
# Integrate your GitLab server with Bitbucket Cloud
Douwe Maan's avatar
Douwe Maan committed
2

3 4 5
NOTE: **Note:**
You need to [enable OmniAuth](omniauth.md) in order to use this.

6 7
Import projects from Bitbucket.org and login to your GitLab instance with your
Bitbucket.org account.
Douwe Maan's avatar
Douwe Maan committed
8

9
## Overview
Douwe Maan's avatar
Douwe Maan committed
10

11
You can set up Bitbucket.org as an OAuth2 provider so that you can use your
12 13
credentials to authenticate into GitLab or import your projects from
Bitbucket.org.
Douwe Maan's avatar
Douwe Maan committed
14

15
- To use Bitbucket.org as an OmniAuth provider, follow the [Bitbucket OmniAuth
16 17 18 19
  provider](#bitbucket-omniauth-provider) section.
- To import projects from Bitbucket, follow both the
  [Bitbucket OmniAuth provider](#bitbucket-omniauth-provider) and
  [Bitbucket project import](#bitbucket-project-import) sections.
Douwe Maan's avatar
Douwe Maan committed
20

21 22 23
## Bitbucket OmniAuth provider

> **Note:**
24
GitLab 8.15 significantly simplified the way to integrate Bitbucket.org with
25 26
GitLab. You are encouraged to upgrade your GitLab instance if you haven't done so
already. If you're using GitLab 8.14 or below, [use the previous integration
27
docs][bb-old].
28 29

To enable the Bitbucket OmniAuth provider you must register your application
30
with Bitbucket.org. Bitbucket will generate an application ID and secret key for
31
you to use.
Douwe Maan's avatar
Douwe Maan committed
32

33 34 35
1.  Sign in to [Bitbucket.org](https://bitbucket.org).
1.  Navigate to your individual user settings (**Bitbucket settings**) or a team's
    settings (**Manage team**), depending on how you want the application registered.
36
    It does not matter if the application is registered as an individual or a
37 38 39
    team, that is entirely up to you.
1.  Select **OAuth** in the left menu under "Access Management".
1.  Select **Add consumer**.
40
1.  Provide the required details:
Douwe Maan's avatar
Douwe Maan committed
41

42 43 44 45
    | Item | Description |
    | :--- | :---------- |
    | **Name** | This can be anything. Consider something like `<Organization>'s GitLab` or `<Your Name>'s GitLab` or something else descriptive. |
    | **Application description** | Fill this in if you wish. |
46
    | **Callback URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com/users/auth`. |
47
    | **URL** | The URL to your GitLab installation, e.g., `https://gitlab.example.com`. |
48

49 50 51 52
    NOTE: Be sure to append `/users/auth` to the end of the callback URL
    to prevent a [OAuth2 convert
    redirect](http://tetraph.com/covert_redirect/) vulnerability.

53 54 55 56
    NOTE: Starting in GitLab 8.15, you MUST specify a callback URL, or you will
    see an "Invalid redirect_uri" message. For more details, see [the
    Bitbucket documentation](https://confluence.atlassian.com/bitbucket/oauth-faq-338365710.html).

57
    And grant at least the following permissions:
Douwe Maan's avatar
Douwe Maan committed
58

59
    ```
60
    Account: Email, Read
61
    Projects: Read
62 63 64
    Repositories: Read
    Pull Requests: Read
    Issues: Read
65
    Wiki: Read and Write
66
    ```
67

68
    ![Bitbucket OAuth settings page](img/bitbucket_oauth_settings_page.png)
Douwe Maan's avatar
Douwe Maan committed
69

70 71
1.  Select **Save**.
1.  Select your newly created OAuth consumer and you should now see a Key and
72
    Secret in the list of OAuth consumers. Keep this page open as you continue
73
    the configuration.
Douwe Maan's avatar
Douwe Maan committed
74

75
      ![Bitbucket OAuth key](img/bitbucket_oauth_keys.png)
Douwe Maan's avatar
Douwe Maan committed
76

77
1.  On your GitLab server, open the configuration file:
Douwe Maan's avatar
Douwe Maan committed
78 79

    ```
80 81
    # For Omnibus packages
    sudo editor /etc/gitlab/gitlab.rb
Douwe Maan's avatar
Douwe Maan committed
82

83 84 85 86 87
    # For installations from source
    sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
    ```

1.  Add the Bitbucket provider configuration:
Douwe Maan's avatar
Douwe Maan committed
88

89
    For Omnibus packages:
Douwe Maan's avatar
Douwe Maan committed
90 91

    ```ruby
92 93
    gitlab_rails['omniauth_enabled'] = true

94 95 96
    gitlab_rails['omniauth_providers'] = [
      {
        "name" => "bitbucket",
97 98
        "app_id" => "BITBUCKET_APP_KEY",
        "app_secret" => "BITBUCKET_APP_SECRET",
99 100 101
        "url" => "https://bitbucket.org/"
      }
    ]
Douwe Maan's avatar
Douwe Maan committed
102 103
    ```

104
    For installations from source:
Douwe Maan's avatar
Douwe Maan committed
105

106
    ```yaml
107 108 109 110 111 112 113
    omniauth:
      enabled: true
      providers:
        - { name: 'bitbucket',
            app_id: 'BITBUCKET_APP_KEY',
            app_secret: 'BITBUCKET_APP_SECRET',
            url: 'https://bitbucket.org/' }
Douwe Maan's avatar
Douwe Maan committed
114 115
    ```

116 117 118 119 120
    ---

    Where `BITBUCKET_APP_KEY` is the Key and `BITBUCKET_APP_SECRET` the Secret
    from the Bitbucket application page.

Douwe Maan's avatar
Douwe Maan committed
121
1.  Save the configuration file.
122 123
1.  For the changes to take effect, [reconfigure GitLab][] if you installed via
    Omnibus, or [restart][] if installed from source.
Douwe Maan's avatar
Douwe Maan committed
124

125 126 127
On the sign in page there should now be a Bitbucket icon below the regular sign
in form. Click the icon to begin the authentication process. Bitbucket will ask
the user to sign in and authorize the GitLab application. If everything goes
128
well, the user will be returned to GitLab and will be signed in.
Douwe Maan's avatar
Douwe Maan committed
129 130 131

## Bitbucket project import

132 133
Once the above configuration is set up, you can use Bitbucket to sign into
GitLab and [start importing your projects][bb-import].
Douwe Maan's avatar
Douwe Maan committed
134

135 136
If you want to import projects from Bitbucket, but don't want to enable signing in,
you can [disable Sign-Ins in the admin panel](omniauth.md#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources).
137

138
[init-oauth]: omniauth.md#initial-omniauth-configuration
139 140
[bb-import]: ../workflow/importing/import_projects_from_bitbucket.md
[bb-old]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-14-stable/doc/integration/bitbucket.md
141
[bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints
142 143
[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
[restart]: ../administration/restart_gitlab.md#installations-from-source