Bitbucket Integration

Integrate GovernanceAI with Bitbucket Cloud or Server for automated AI governance scanning.

Bitbucket Cloud Setup

Step 1: Create OAuth Consumer

• Bitbucket Cloud → Workspace Settings → OAuth consumers
• Create consumer with scopes:
  • repository:read
  • pullrequest:read
• Copy Client ID and Secret

Step 2: Connect in GovernanceAI

• Integrations → Bitbucket Cloud
• Click Connect
• Authorize GovernanceAI
• Select repositories

Bitbucket Server/Data Center Setup

Step 1: Create App Password

• Personal Settings → App passwords
• Create password with permissions:
  • repository:read
  • pullrequest:read
• Copy credentials

Step 2: Connect in GovernanceAI

• Integrations → Bitbucket Server
• Enter Server URL
• Enter username and password
• Select repositories

Scanning Features

✅ Automatic Scanning

• On push to main branches
• On pull requests
• Scheduled scans

✅ PR Integration

• Findings in PR comments
• Build status checks
• Block on critical findings

Bitbucket Pipelines Integration

1
# bitbucket-pipelines.yml
2
image: atlassian/default-image:2
3
4
pipelines:
5
  branches:
6
    main:
7
      - step:
8
          name: GovernanceAI Scan
9
          script:
10
            - |
11
              curl -X POST https://api.governanceai.com/v1/scans \
12
                -H "Authorization: Bearer $GOVERNANCEAI_API_KEY" \
13
                -d '{
14
                  "repository": "'$BITBUCKET_REPO_FULL_NAME'",
15
                  "ref": "'$BITBUCKET_COMMIT'"
16
                }'

Cloud vs Server

Troubleshooting

• OAuth timeout - Check network connectivity
• Repositories not showing - Verify permissions
• Webhooks not firing - Check webhook delivery in Bitbucket
• Build status not updating - Verify build permission

Next Steps

• Jira Integration - Track issues
• Running Scans - Scan your code
• API Reference - Integration APIs