How to change the user to make pull requests in Bitbucket using jenkins

Question

• I have a pipeline to create two new branches and push them to BitBucket, then create a new pull request.
• The jenkins pipeline is running on a linux slave.
• I've setup the credential to bitbucket repo in jenkins credentials.

So far creating new branches and pushing them to BitBucket works finely with my credentials.

sh script: "git init"
sh script: "git add *"
sh script: 'git commit -m "new branch created"'
sh script: "git checkout -b ${new_branch}"
withCredentials([[$class: 'UsernamePasswordMultiBinding',
                   credentialsId: 'mycred',
                   usernameVariable: 'username',
                   passwordVariable: 'pass']]){
sh('git push https://${username}:${pass}@bitbucket.example.com:8080/scm/user/reponame ${new_branch})

Like this I create and push two new branches ${new_branch}, ${new_branch2}. Even though only my credentials mycred has access to the repo, two branches gets pushed with cloud user. In commit section it shows "cloud user"

Then I'm trying to create a pull request from ${new_branch} to ${new_branch2}.

When I try to create a pull request with my credentials using a curl, it says

{"errors":[{"context": null,"message":"Authentication failed. please check your credentials and try again.","exceptionName":"com.atlassian.bitbucket.auth.IncorrectPasswordAuthenticationException"}]}

My curl command using bitbucket api is,

withCredentials([[$class: 'UsernamePasswordMultiBinding',
                   credentialsId: 'mycred',
                   usernameVariable: 'username',
                   passwordVariable: 'pass']]){
sh """curl --insecure -X POST https://${username}:${pass}@bitbucket.example.com:8080/rest/api/1.0/repos/myrepo/pull-request?create\
-H 'Content-Type:application/jason'\
-u ${username}:${pass}\
-d '{"title":"testpullreq",\
        "description":"sampledescription",\
        "state":"open",\
        "open":true,\
        "closed":false,\
        "fromRef":{\
            "id":"refs/heads/${new_branch}",\
            "repository":{\
            "slug":"branch-to-pr",\
            "name":"branch-To-PR",\
            }\
         },\
        "toRef":{\
           "id":"refs/heads/${new_branch2}",\
            "repository":{\
            "slug":"branch-to-pr2",\
            "name":"branch-To-PR2",\
           }\
       },\
       "locked":false,\
       "reviewers":[\
                   {\
                   "user":{\
                   "name":"myemail@example.com"\
                    }\
                 }\
              ]\
         }' """

So curl command also works fine, the error is it says I don't have authentication permission, and that's because the PR tries to get made using my slave. I need to do this with my user account (mycred).

Answer 1

I'm assuming your issue occurs because curl is a command that runs within the Jenkins host. Therefore, it uses the credentials already present in the host when running the command.

You can consider using the HttpRequest plugin instead. The plugin allows you to use your specified credentials to send the post request with a body. The difference is that no system commands are used, so the command is sent independent of the credentials already present in the host. This should force Jenkins to use your mycred credentials.