Development Pipelines

The Development Pipelines screen allows you to explore the health status of your repositories and the latest scans performed in your Bridgecrew account. You can also take actions in order to keep improving the status by looking at the most relevant scans for the organization’s operations.

Code Reviews Summary

The Code Reviews summary allows you to see a global view of your organization’s recent code reviews across all VCS and CI/CD integrations and prioritize the exploration of them by:

  • Highlighting scans with the highest number of severe issues and the highest number of failed issues across the most recent code reviews.
  • Exploring reviews from the most recent code scans across all integrations, going backward.
  • Searching for specific code reviews across different integrations.
  • Configuring your Enforcement settings at a repository level at any time, using the Enforcement capability.

The Code Reviews Issues by Status graph highlights which of your most recent scans have the highest rate of open issues, in order to find the ones that you want to treat first. Each bar represents a single scan item (VCS code commit or a CI/CD run) and the finding breakdown of how many issues were checked and detected as passed, suppressed (based on active suppression rules), or failed.

Code Reviews Table

The table shows the latest code reviews across all integrated VCS and CI/CD repositories and provides the following for each scanned item:

  1. Repository: the Git repository to which the scanned item belongs.
  2. Organization: the Git organization to which the scanned item belongs and its VCS type.
  3. Scan Item: the VCS pull request or CI/CD branch.
  4. Scan ID: a specific form of the scanned item. For VCS, the commit number; for CI/CD, Bridgecrew's internal ID.
  5. Git User: the Git user whose action triggered the scan.
    a. For VCS, this is the commit creator.
    b. For CI/CD, if detected, this is the user who triggered the scan to run.
  6. Scan Failed issues: the total count of failed issues in the code review and the highest-severity failed issue detected.
  7. Scan status: Whether the code review Failed or Passed based on Enforcement settings.
  8. Scan time: The time and date when the scan was triggered.

The table supports sorting, searching, and viewing additional information.
Results can be sorted by:

  • Repository
  • Organization
  • Scan Item
  • Scan ID
  • Git user
  • Scan Failed issues (sort by severity and total count)
  • Scan status
  • Scan time (sorted by default)

You can search for results by values of:

  • Repository
  • Organization
  • Pull request/branch
  • Git user
  • Severity

Additional information is presented for the following items:

  • Scan items:
    • Repository
    • Pull request
    • Origin and target branches
    • Commit ID
  • Scan results:
    • Severity breakdown
    • The Enforcement settings at the time of the scan. You can also open the Enforcement wizard and change the settings by clicking Manage Enforcement from the info card under Scan failed issues.

Actions supported for every scan:

  • View scan results - navigate to the results in the Projects screen.
  • View scans results in VCS - navigate to the Bridgecrew results on top of the pull request’s commit code.

Projects Summary

The Projects summary allows you to see a global view of your organization’s integrated VCS repositories and prioritize the exploration of them by:

  • Showing the usage frequency of a certain integrated repository
  • Highlighting repositories with the highest numbers of non-compliant, new code additions to your default branch
  • Displaying pending fix pull requests opened by Bridgecrew or Prisma Cloud

The Open Pull Requests (PRs) by Status graph highlights the repositories with the highest rate of open failed PRs, allowing you to easily find the ones that you should address first. Each bar represents a single VCS repository and its open PRs, broken down into passed PRs with no failed issues detected by Bridgecrew (according to the Enforcement Settings at the time of the scan), and failed PRs (which include at least one Hard Fail issue).

Projects Table

The table shows all integrated VCS repositories and provides the following for each integrated repository:

  1. Repository: the Git repository to which the scanned item belongs.
  2. Organization: the Git organization to which the repository belongs and its VCS type.
  3. Weekly commits: the total number of commits from the past week that were merged into the default branch, and the change in that number (in percentage) compared to the previous week. This data allows you to see the repositories with the highest numbers of new code additions.
  4. Git users: how many Git users have merged their commits into the default branch over the past 90 days.
  5. Failed open PRs: the number of failed open PRs out of all open PRs based on Bridgecrew's findings and Enforcement settings. For more information, see Enforcement.
  6. Pending Fix PRs: the number of open PRs created by Bridgecrew/Prisma Cloud after being submitted by users within the platform. These are yet to be merged into the default branch.
  7. Latest PR: the number and name of the latest PR.
  8. Latest PR scan time: the scan time of the latest PR.

Note that Failed open PRs, Pending Fix PRs and merge requests will only include PRs opened after July 1st, 2022.

The table supports sorting, searching, and viewing additional information.
Results can be sorted by:

  • Organization
  • Repository
  • Weekly commits
  • Git Users count
  • Failed open PRs count
  • Pending fix PRs count
  • Latest PR scan time

You can search for results by values of:

  • Organization
  • Repository
  • Latest PR

Actions supported for every repository:

  • Open all Failed Pull requests in the VCS (Supported for GitHub only)
  • Review Fix PRs in the VCS - open the Fix PRs in the VCS to review and merge them (Supported for GitHub only)
  • Open latest PR - open the latest PR for a selected project in the Projects screen

An example of an open failed PR in GitHub:

An example of reviewing Fix PRs in GitHub: