Overview

After integrating your repositories, you can configure Bridgecrew's interactions with your integrations. This includes:

• Excluding files from Bridgecrew scans
• Enabling and configuring Code Reviews
• Enabling and configuring Pull Request Bot comments
• Enabling and configuring Tagging Bot

To access the Code Repository Settings page, go to Settings , then select Code Repository Settings.

General

Adding a new Rule

📘

• The first (default) rule is applied to all repositories, to view the add rule section, you need to deselect repositories.
• You can configure multiple repositories in a single rule. However, repositories can only be placed in one rule at a time.

In order to create a new rule for a specific repository, you must remove the repository from its current rule first, then click Add rule and include the desired repositories.

Saving a change

After making changes in any section select Save.

Deleting a Rule

Hover over a rule and select the trash icon to delete it.
Note: Default rule can't be deleted.

Exclude Files from Scan

After integrating code repositories, Bridgecrew Cloud scans all the files in the selected repositories.
You can set paths/files (comma separated) to be excluded from scans using regular expressions. Then select the repositories that you want to exclude the paths/files from.

Examples

If you enter test under Exclude Paths, the files in any path that include the word "test" will not be scanned.
To narrow an exclusion using a specific context such as /test/, but include paths such as _unitest, use \/test\/.

📘

Tips

Try this cheat sheet for help in writing regex.

Enable and Configure Code Reviews

When Code Reviews are enabled, Bridgecrew checks code changes for every new Pull Request in the selected repositories, displays errors, and offers an option to quickly fix or suppress them.

Code Review actions include:

• Enabling/disabling code reviews
• Selecting the repositories to scan
• Setting a soft fail based on the returned severity level
• Excluding specific policies from soft failing

Enable and Configure Pull Request Bot Comments

When Bridgecrew’s Pull Request bot is enabled in a Code Repository, it will add comments for errors detected in a PR’s code changes.

Pull Request Bot Comments actions include:

• Enabling/disabling Pull Request Bot Comments
• Selecting repositories
• Adding Pull Request Bot Comments based on the returned severity level
• Excluding specific policies from Pull Request Bot Comments

Enable and Configure Tagging Bots

When Bridgecrew’s Tagging Bot is enabled in a Code Repository, it will create pull requests when a new IaC is committed into the branch.

📘

Note

When enabled, the Tagging Bot will create unique resource tags in the IaC templates configured in your VCS. This enables traceability and detection of drifts between build time and run time resources.
For more information about Drift Detection see here.

Tagging Bot actions include:

• Enabling/disabling Tagging Bot
• Selecting repositories
• Excluding specific policies from Pull Request Bot Comments