I would like to create manually triggered pipelines and add permissioning to them.
e.g. manual pipeline "deploy-to-prod" can only be triggered by users in group "Deployers".
The same thing for deployments - some users can deploy to dev/QA but only admins can deploy to prod.
Hey @Daniel Whatmuff,
Pipelines permissions are tightly coupled to the repository permissions to keep things simple. Anyone who can write to your repository can trigger new pipelines (much as committing to a branch triggers a pipeline.)
If more granular permissions are something you think is valuable, please add a comment and watch https://bitbucket.org/site/master/issues/13676/ability-to-restrict-who-can-run-deployment which we are using to track customer feedback.
thanks,
Seb
Currently, deployments only allows deployment permissions at the admin level. SOX compliance requires us to have the employee that merges the code and the employee that deploys the code be different.
Branch permissions allow for assignment of a group to be able to merge to a branch, but deployments can only be configured to admins. What this results in is our deployment manager having to be an admin of the repository to be able to lock down production deployments. The issue with this is that if our deployment manager is an admin of the repository, he also has access to merge, or at least could grant himself access to merge since he's an admin.
The feature request, if there isn't an alternative that you can think of, or current work-around, would be to allow deployment permissions to be assigned to a user group.
Let me know if you have any questions or if there's something already in place that I'm not aware.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Facing the same issue. Any updates?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Atlassian team,
Any update on this?
We are facing similar issue in which we want to allow certain group of users / release manager to kick off a Prod deployment, but we do not wish to grant them admin access to the repository.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.