USER_GUIDE.adoc

Bitbucket Branch Source Plugin

Important

On March 5th, 2020, Atlassian releases Bitbucket Server 7 which removed some undocumented features related to pull requests. With Bitbucket Server 7.x, Jenkins Pipeline jobs can no longer perform a lightweight checkout of the Jenkinsfile if you are using the merge strategy for builds. This is due to Bitbucket Server 7.x no longer storing the merge commit for PRs to refs/pull-requests/*/merge which was a prerequisite for lightweight checkout. Bitbucket Server Pipeline jobs will automatically fall back to heavyweight checkout. Atlassian has explained their reasons for making this change and has made it clear they will not be re-adding this behavior. For Jenkins Pipeline jobs to function for pull requests on Bitbucket Server 7.x, you need to enable "Call Changes api" option in the plugin configuration. Bitbucket Server 7.x no longer automatically creates the required refs for pull requests. Calls to this new API are required to trigger ref creation.

Bitbucket Branch Source plugin allows use of Bitbucket Cloud and Server as a multi-branch project source in two different ways:

• Single repository source: automatic creation of jobs for branches and pull requests in a specific repository.

• Organization folders: automatic creation of multi-branch projects for each visible repository in a specific Bitbucket Team or Project.

  IMPORTANT: This plugin is not compatible with versions of Bitbucket Server previous to 4.0.

Bitbucket Server 7 compatibility

Bitbucket Server 7.x is supported but does no longer support lightweight checkout for pull requests when merge strategy is used for build.

Important

In order to have the pull request process working the "Call Changes api" option must be enabled in Manage Jenkins » Configure System

Branches and pull requests auto-discovering

This plugin adds an additional item in the "Branch Sources" list of multi-branch projects. Once configured, branches and pull requests are automatically created and built as branches in the multi-branch project.

Follow these steps to create a multi-branch project with Bitbucket as a source:

1. If using Bitbucket Server, the server base URL needs to be added to the Bitbucket Endpoints first in the "Manage Jenkins" > "System" configuration.

2. Create the multi-branch project. This step depends on which multi-branch plugin is installed. For example, "Multibranch Pipeline" should be available as a project type if Pipeline Multibranch plugin is installed.

   

3. Select "Bitbucket" as Branch Source

   

4. Set credentials to access Bitbucket API and checkout sources (see "Credentials configuration" section below).

5. Set the repository owner and name that will be monitored for branches and pull requests.

   

6. Finally, save the project. The initial indexing process will run and create projects for branches and pull requests.

   

Organization folders

Bitbucket Team/Project repository source can be used in Organization Folder to automatically track branches and pull requests in all Bitbucket Team or Project repositories.

1. Create a project of type Organization Folder.

   

2. Add Bitbucket Team/Project repository source

3. If you configured more than one Bitbucket Endpoint, choose the Server and appropriate Credential

4. Configure the repository owner. It could be:

   1. A Bitbucket Cloud Workspace ID (slug): all repositories in the workspace are imported as Multibranch projects.

   2. A Bitbucket Server Project ID: all repositories in the project are imported as Multibranch projects. Note that the project ID needs to be used instead of the project name.

   3. A regular username: all repositories which the username is owner of are imported.

      

5. Save the configuration. The initial indexing process starts. Once it finishes, a Multibranch project is created for each repository.

   

Webhooks registering

The use of Bitbucket webhooks allows to trigger builds on branches and pull requests just when a new commit is done. Bitbucket plugin exposes a special service to listen to these webhook requests and acts accordingly by triggering a new reindex and finally triggering builds on matching branches or pull requests.

Go to "Manage Jenkins" / "Configure System" and locate Bitbucket Endpoints. For every endpoint where you want webhooks registered automatically, check "Manage hooks" and select a "Credential" with enough access to add webhooks to repositories. Since the Credential is used at the system level, it can be a System scoped credential, which will restrict its usage from Pipelines.

For both Bitbucket Multibranch Pipelines and Organization folders there is an "Override hook management" behavior to opt out or adjust system-wide settings.

Important

In order to have the auto-registering process working fine the Jenkins base URL must be properly configured in Manage Jenkins » Configure System

Credentials configuration

The configuration of the plugin (for both Bitbucket multibranch pipelines and Bitbucket Workspace/Project organization folders) has two credentials to configure:

1. Scan Credentials: Credentials used to access Bitbucket API in order to discover repositories, branches and pull requests. If not set then anonymous access is used, so only public repositories, branches and pull requests are discovered and managed. HTTP Basic Authentication, Access Token and OAuth credentials are supported.

2. Checkout Credentials: Credentials used to check out sources once the repository, branch or pull request is discovered. HTTP Basic Authentication, SSH and OAuth credentials are supported. If not set, then Scan Credentials are used.

Access Token

The plugin can make use of a personal access token (Bitbucket Server only) instead of the standard username/password.

First, create a new personal access token in Bitbucket as instructed in the HTTP access tokens | Bitbucket Data Center and Server 8.0 | Atlassian Documentation. At least allow read access for repositories. If you want the plugin to install the webhooks, allow admin access for repositories.

Then create a new Username with password credential in Jenkins, enter the Bitbucket username (not the email) in the Username field and the created access token in the Password field.

App Passwords

Bitbucket deprecated usage of Atlassian account password for Bitbucket API and Git over HTTPS starting from March 1st, 2022 (Bitbucket Cloud only).

The plugin can make use of an app password instead of the standard username/password.

First, create a new app password in Bitbucket as instructed in the Bitbucket App Passwords Documentation. At least allow read access for repositories. Also, you may need to allow read and write access for webhooks depending on your pipeline’s triggers.

Then create a new Username with password credentials in Jenkins, enter the Bitbucket username (not the email) in the Username field and the created app password in the Password field.

IMPORTANT: App passwords do not support email address as a username for authentication. Using the email address will raise an authentication error in scanning/checkout process.

OAuth credentials

The plugin can make use of OAuth credentials (Bitbucket Cloud only) instead of the standard username/password.

First create a new OAuth consumer in Bitbucket as instructed in the Bitbucket OAuth Documentation. Don’t forget to check This is a private consumer and at least allow read access for repositories and pull requests. If you want the plugin to install the webhooks, also allow read and write access for webhooks.

Then create new Username with password credentials in Jenkins, enter the Bitbucket OAuth consumer key in the Username field and the Bitbucket OAuth consumer secret in the Password field.

Miscellaneous configuration

In case of slow network, you can increase socket timeout using the Script Console:

System.setProperty("http.socket.timeout", "300") // 5 minutes