Integrate with Bitbucket

Overview

Integrating Bridgecrew with Bitbucket makes it possible for Bridgecrew to scan your Infrastructure-as-code files (Terraform and CloudFormation) and monitor configuration issues in development.

How to Integrate

Important: Please note that authorizing a new Bitbucket repo will override the current settings.

Part 1 - In Bridgecrew

  1. From Integrations Catalogue, under Code Integrations, select Bitbucket.
  2. Under the Configure Account tab, select Authorize. You will be directed to your Bitbucket account.

Part 2 - In Bitbucket

Authorize Bridgecrew by selecting Grant access.

Part 3 - In Bridgecrew

  1. Select one of the following options then select Next:
  • Permit all existing repositories
  • Permit all existing and future repositories
  • Choose from the repository list.
    If choosing from the repository list, select the relevant repositories.

Note: selecting Previous will bring you back to the Configure Account tab.

  2. When the message "New account successfully configured" appears, select Done.

Note: after the next Bitbucket scan, the scanned repository will appear in the Integrations grid; for further details, see here.

Note: The integration between Bridgecrew and Bitbucket uses an OAuth consumer. For an explanation of revoking access, see [here](https://confluence.atlassian.com/doc/view-and-revoke-oauth-access-tokens-208961965.html).

Examples

The images below show three examples of Bridgecrew PR comments (reports): a vulnerability report, a variable rendering scan results report, and a license report.

Vulnerability report - a list of CVEs and their severities

Variable rendering resolution misconfiguration

License report - license compliance issues found

Providing Access to Specific Bitbucket Repositories

We recommend providing Bridgecrew access to all repositories to ensure that all Terraform and CloudFormation files are accessible. However, the procedure above can also be used to give Bridgecrew access to only specific repositories in your Bitbucket Workspace. This requires setup in Bitbucket.

  1. Choose a Bitbucket user. This may be an existing user or a user you create for this purpose; for example, [email protected].
  2. In Repository Settings in Bitbucket, give the user Write access to the relevant repositories. Bitbucket sends a confirmation email to the user. Open the email and confirm.
  3. The Bitbucket-Bridgecrew integration uses OAuth, so before adding the Bitbucket account to Bridgecrew, make sure that you are logged into Bitbucket as the relevant user in the same browser.

Bridgecrew support for Code Insights

Bridgecrew supports Code Insights. After integrating Bridgecrew with your Bitbucket repositories, you will be able to view a full assessment report for every new pull request that contains infrastructure-as-code.

Bridgecrew Code Insights report