The Brigade Bitbucket Gateway receives events (webhooks) from Bitbucket, transforms them into Brigade events, and emits them into Brigade's event bus.
⚠️ If you are familiar with the Brigade GitHub Gateway, be advised that this gateway is not as full-featured as that one. At this time, it merely offers parity with its predecessor -- the Brigade v1.x-compatible Bitbucket Gateway -- meaning it only handles simple webhooks and does not offer any integration with Bitbucket Cloud Apps.A more full-featured successor to this gateway is something the Brigade maintainers do wish to explore in collaboration with the Brigade community. Please reach out on the Kubernetes/#brigade Slack channel if you are interested in working on that.
After installation, browse to any of your Bitbucket repositories for which you'd like to send webhooks to this gateway. From the menu on the left, select Repository settings and then Webhooks. On this page, click Add webhooks.
-
In the Title field, add a name for your webhook. It must be unique to this repository.
-
In the URL field, use a value of the form
https://<DNS hostname or publicIP>/events. Note that Bitbucket will not permit URLs that it cannot reach.⚠️ Instructions for finding the public IP are in the installation docs. -
Check the Active checkbox.
-
If you're using a self-signed certificate (again, refer to the installation docs), check the Skip certificate verification checkbox.
-
Check any/all triggers for which you'd like a webhook sent to this gateway.
-
Click Save
⚠️ Those who are also familiar with the Brigade GitHub Gateway might be perplexed at the lack of anything along the lines of a "shared secret" when configuring webhooks in Bitbucket. How then do webhook requests authenticate themselves to your gateway? In short, they do not. In practice, however, this does not mean that just anyone can send webhooks (directly) to your gateway.This gateway is pre-configured (see Helm chart configuration options) with a list of allowed IPs / IP ranges for inbound requests. This list reflects the IPs utilized by Bitbucket for outbound requests. This effectively prevents anyone except Bitbucket from (successfully) sending webhooks to your gateway.
This strategy does not, however, prevent any random Bitbucket user (who happens to know the address of your gateway) from configuring their own repositories to send webhooks your way. However, this matters very little, because Brigade 2 operates on a subscription model and if none of your own Brigade projects subscribe to events originating from the third-party repository in question, nothing happens.
Now subscribe any number of Brigade
projects
to events emitted by this gateway -- all of which have a value of
brigade.sh/bitbucket in their source field. You can subscribe to all event
types emitted by the gateway, or just specific ones.
In the example project definition below, we subscribe to
issue:created events, provided they've originated from the fictitious
example-org/example repository (see the repo
qualifier).
You should adjust this value to match a repository for which you are sending
webhooks to your new gateway (see
installation instructions).
apiVersion: brigade.sh/v2
kind: Project
metadata:
id: bitbucket-demo
description: A project that demonstrates integration with Bitbucket
spec:
eventSubscriptions:
- source: brigade.sh/bitbucket
types:
- repo:push
qualifiers:
repo: example-org/example
workerTemplate:
defaultConfigFiles:
brigade.js: |-
const { events } = require("@brigadecore/brigadier");
events.on("brigade.sh/bitbucket", "repo:push", () => {
console.log("Someone pushed a commit to the example-org/example repository!");
});
events.process();Assuming this file were named project.yaml, you can create the project like
so:
$ brig project create --file project.yamlCreating a new issue in the corresponding repo should now send a webhook from
Bitbucket to your gateway. The gateway, in turn, will emit an event into
Brigade's event bus. Brigade should initialize a worker (containerized event
handler) for every project that has subscribed to the event, and the worker
should execute the brigade.js script that was embedded in the project
definition.
List the events for the bitbucket-demo project to confirm this:
$ brig event list --project bitbucket-demoFull coverage of brig commands is beyond the scope of this documentation, but
at this point,
additional brig commands
can be applied to monitor the event's status and view logs produced in the
course of handling the event.
- Installation: Check this out if you're an operator who wants to integrate Bitbucket with your Brigade installation.
- Event Reference: Check this out if you're a script author or contributor who requires detailed information about all the webhooks handled by this gateway and the corresponding events the gateway emits into Brigade.
The Brigade project accepts contributions via GitHub pull requests. The Contributing document outlines the process to help get your contribution accepted.
We have a slack channel! Kubernetes/#brigade Feel free to join for any support questions or feedback, we are happy to help. To report an issue or to request a feature open an issue here
Participation in the Brigade project is governed by the CNCF Code of Conduct.