BitBucket support for context security
complete
M
Matthew Morrissette Vance
To use the entire context security functionality, your repository must be on Github (because BitBucket doesn't have a groups API). I would like CircleCI to offer a UI to manage user group access so VCS providers that don't have group support can still take advantage of context security.Otherwise all of our developers end up having access to production API keys.
CCI-I-1596
Jan Paolo Go
This should be reopened. Any of our bitbucket users can use the context especially for PROD
J
James Taylor
Nathan Fish This doesn't achieve what the feature request was about. Limiting a context to certain projects is helpful but it doesn't limit which users can use them.
Nathan Fish
James Taylor: It does in terms of which users have project access. But yes it isn't user specific. My thought is that inclusion of branch and tag based restrictions for contexts, similar to project, would give a very solid ability to limit access based on environment or other more granular use cases. Would you agree?
J
James Taylor
Nathan Fish: It's okay and does stop some attack vectors, but it's not perfect. Unless I take a copy of every release and commit it to another repository then anyone doing dev on a project could at the very least rerun an old commit on main against a production environment.
Nathan Fish
James Taylor: I think there are some ways we could make user specific access possible in the future. I'll keep it in mind as we build out more group functionality.
J
James Taylor
Nathan Fish: Thanks, that would be nice. I think this feature shouldn't be marked as complete though as the OP is specifically asking for user specific ACLs.
P
Peter Willis
Nathan Fish where can we find out about this new feature?
Nathan Fish
complete
We released the ability to limit contexts by projects. We do plan to add restriction by branch/tag as well in the future.
Sarah Seaton
under review