Bitbucket Pipelines Runner – Upgrade Required
We are excited to announce the release of the Pipelines runner version 3.0.0, featuring more reliable and faster management of artifacts and caches. Whilst we work hard to avoid breaking-changes in runner versions, the scale of the enhancements made to version 3.0.0 have required us to make changes that mean versions of the runner prior to 3.0.0 will be impacted.
To maintain stable access to the self-hosted runner functionality, and gain the benefits from these improvements (as well as numerous other security and performance updates), all customers are required to upgrade to version 3.0.0 or above before December 2, 2024.
To see a history of changes, including any future updates, you can view the self-hosted runner changelog here.
How to update a runner
To update your runners, please follow the guidelines outlined in the documentation here.
As part of this deprecation:
- No changes are required in your Pipelines configuration.
- If you use IP or URL allowlisting to control access to your internal networks from Pipelines, please review the following section.
What happens if I don’t upgrade?
- Starting December 2nd, any steps running on outdated versions of the Runner will no longer be able to interact with the Pipelines file-storage infrastructure.
- This will mean that steps utilising Artifacts or Caches on these runner versions will no longer function.
- Steps that are not using those features may still function correctly in some situations, but should be assumed to be unstable and no longer supported.
Changes to IP Allowlisting
If you use IP or URL-based allowlisting to manage traffic to/from your runner infrastructure, please be aware that the runner now communicates directly with file storage in AWS S3. When upgrading to version 3.0.0 or above, please ensure that you unblock the following for both incoming and outgoing traffic:
If Using IP
An exhaustive list of IP addresses that traffic can go to AWS can be found by using the following endpoint, filtering to records where the service equals S3, and using the us-east-1 and us-west-2 regions.
Please note that you have to whitelist all these IPs irrespective of the step size.
If Using URL
micros--prod-east--bitbucketci-file-service--files.s3.amazonaws.comIf you have any questions or concerns, please reach out to the team via the Pipelines space in Atlassian Community.
