Integrating Bridgecrew with Bitbucket makes it possible for Bridgecrew to scan your Infrastructure-as-code files (Terraform and CloudFormation) and monitor configuration issues in development.
Please note that authorizing a new Bitbucket repo will override the current settings.
- From Integrations Catalogue, under Code Integrations, select Bitbucket .
- Configure your account by choosing a Bitbucket organization, you'll be redirected to Bitbucket.
Authorize Bridgecrew by selecting Grant access.
- Select the relevant repositories and select Next.
By default, Bridgecrew will create comments in the scanned files when violations are found (see example below).
- You will get the New Account successfully configured message, press Done.
Note: after the next Bitbucket scan, the scanned repository will appear in the Integrations grid; for further details, see here.
The integration between Bridgecrew and Bitbucket uses OAuth consumer. For an explanation of revoking access, see here.
We recommend providing Bridgecrew access to all repositories to assure that all Terraform and CloudFormation files will be accessible. However, the procedure above can also be used to provide Bridgecrew access to only specific repositories in your Workspace in Bitbucket. This requires setup in Bitbucket.
- Choose a Bitbucket user. This may be an existing user or a user you create for this purpose; for example, [email protected]
- In Repository Settings in Bitbucket, give the user Write access to the relevant repositories. Bitbucket sends a confirmation email to the user. Open the email and confirm.
- The Bitbucket-Bridgecrew integration uses OAuth. So, before adding the Bitbucket Account to Bridgecrew, make sure that, on the same browser, you are logged into Bitbucket with the relevant user.
Bridgecrew supports Code Insights. After integrating Bridgecrew with your Bitbucket repositories you will be able to view a full assessment report for every new pull request that contains infrastructure-as-code.
Updated 3 months ago