-
Notifications
You must be signed in to change notification settings - Fork 177
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bitbucket] Add bitbucket backend to perceval #653
Conversation
Signed-off-by: Nitish Gupta <[email protected]>
Hi @valeriocos, here is the first iteration for the backend. In order to use the backend we need 3 tokens,
Using these 3 keys, the access token is extracted which is used to make API requests. For getting refresh token from bitbucket one needs to follow these steps -
Usage - |
Thank you @imnitishng for the PR and details
This may be a really big problem. Is there any other way to bypass the 2 hours limit? What's the difference between Bitbucket Cloud and Bitbucket server? Thanks! |
Hi @imnitishng I just have a few questions. I understand that you need 3 tokens to fetch the data.
Do you mean there will be a new token?
Will the 3 tokens gonna expire or only the refresh token?
Is it possible to automate this process? |
No they are restrictions set by Bitbucket. They don't use API tokens, instead Bearer tokens are used.
Bitbucket server is another service offered by Atlassian. Bitbucket Server is hosted on-premise while Bitbucket Cloud is hosted on Atlassian’s servers and accessed via a URL (just like github). Bitbucket Server is some other paid service with extra features which I don't think we need to target since their APIs won't work with Bitbucket Cloud repositories.
I am using the APIs which are meant to communicate with repositories hosted on bitbucket.org. The one you specified seems to be used to communicate with Bitbucket server hosted projects. |
Hi @vchrombie, thanks.
Yes! It is the access token without it we cannot communicate. No other token can be used for communication.
None of the 3 tokens mentioned will expire.
I tried to do it, but it is not possible since
we need to grant a yes permission for authorization in the browser at this step. Just like granting OAuth permission for GitHub. So as far as I know it is only possible manually. |
Here is the part where access token is extracted from all the 3 tokens. Please have a look. |
Hi @imnitishng I have a few more confirmations from my side.
So, we should just provide the 3 keys, the access token will be generated every time you execute the backend (bitbucket.py#L447) which is valid for 2 hours. So, the next time you are executing the backend, a new access token is generated. So there will be a unique access token for every execution of Perceval backend.
Reading this gives me another doubt. I am just curious to know what happens if the fetching takes more than 2 hours?
Is it something like gitlab?
Thanks for the clarification. Anyways since it is just for once, I think it is fine. I thought this would be the one expiring. I misunderstood, sorry. |
Yes, you are correct.
401 response will be returned and Perceval run ends.
Well I'm not sure about that. Out of all the info I've found out about Bitbucket Server, I didn't see anywhere that bitbucket server projects are available on the Web. They are hosted in-house and available for the team of people working only. (not opensource)
Sure, thanks. |
Please keep in mind that Perceval has been conceived to do one thing only, which is fetching data from software repositories. A backend that needs to autogenerate a token doesn't seem to fit in this schema. Furthermore, a token that expires in 2 hours doesn't seem to have been designed to fetch data from a repository, instead its use is probably meant to address other needs (e.g., pushing commits, merging pull requests, etc.). Before evaluating the next development tasks, it would be convenient to:
Thanks! |
Okay. I suggested it so that it can be a individual script, not included in perceval. Like a gist just to extract the refresh token. Other than that. Agreed, thanks. |
Hi @valeriocos I understand your concern here is some more info.
I believe this should be seen as a step to choose the token for communication, similar to the step done in Github backend
Access tokens are generated from the Key, Secret and Refresh tokens. The final keys obtained will be these (they won't expire) (deleted before posting) For rate limit restrictions, we get 1000 queries per hour for any access to URLs under
Coming to the authentication problem, Bitbucket allows 3 ways to authenticate users - API Key OAuth2 Find more info about authentication with Bitbucket API here.
They both are different APIs meant for different products offered by Atlassian. Bitbucket Cloud is the product we are targeting. Bitbucket Cloud is an opensource platform hosting projects on the web accessed via URLs. (Eg.- https://bitbucket.org/libqxt/libqxt/) Bitbucket Server is a different product, which has self-hosted projects among professional teams, the APIs used for those projects hosted under custom domains like I hope we are clear on the point that Bitbucket server and Bitbucket Cloud are 2 different products with 2 completely different APIs, that cannot be interchanged with one another. |
We can also remove all this complexity and provide instructions to the user on how to generate the access tokens, but they will have to do it every time they run perceval (if they run it after the 2 hour window).
so it might not be a good option to go with. |
Any instructions on this @valeriocos? |
Hi @imnitishng, thanks for the work on the bitbucket backend. Do you think you can move the work to a new repository? Supporting this #645 (comment), it would be great if you can create a new repository and maintain this backend. Recently, I moved the Zulip Backend to a new repo. The workflows, documentation, and integrations are everything are in place. You can use it as a template repository and create the project Zulip Backend for Perceval: https://github.com/vchrombie/grimoirelab-perceval-zulip |
Adhering to the contributing guidelines (#incubating-repositories) and after communicating with @imnitishng, this work is moved to a separate repository perceval-backends/grimoirelab-perceval-bitbucket and will be maintained over there for some time. We can open this PR again and update it when we want to merge this backend into the main module. I'll be opening a PR adding the repo to the readme. The pull request will be closed soon if no one has any objection. Best, |
Closing this PR in favour of #653 (comment). |
This PR adds Bitbucket backend to Perceval.
Issues and Pull requests from bitbucket repositories can be extracted with this iteration.
Based on the discussions here #367
Signed-off-by: Nitish Gupta [email protected]