Bitbucket Integration
Enforce policies on Bitbucket pull requests.
Overview
The Bitbucket integration connects Aguardic to your Bitbucket repositories via OAuth. When pull requests are created or updated, Aguardic evaluates the changes against your policies and reports results as build statuses on the pull request.
Setup
1. Connect via OAuth
Go to Integrations > Add Integration > Bitbucket in the Aguardic dashboard and click Connect. You'll be redirected to Bitbucket to authorize Aguardic to access your repositories.
2. Bind Policies
After connecting, go to Policy Bindings and map your policies to the Bitbucket integration. You can bind policies to:
- All repositories in the integration
- Specific repositories by name
- Specific branches (e.g., only main or production)
3. Configure Enforcement
Choose how Aguardic enforces policy results on Bitbucket:
- BLOCK — Sets the build status to FAILED, preventing merge when merge checks are enabled
- APPROVAL_REQUIRED — Sets the build status to INPROGRESS, requiring manual resolution before merge
- WARN — Sets the build status to SUCCESSFUL but includes violation details in the status description
- MONITOR_ONLY — No visible action on Bitbucket, violations logged in Aguardic only
How It Works
- A developer opens or updates a pull request
- Bitbucket sends a webhook to Aguardic
- Aguardic fetches the PR diff and metadata
- The governance engine evaluates against bound policies
- Results are posted as a build status on the pull request
What Gets Evaluated
- PR title and description — Check naming conventions and required sections
- File changes — Scan diffs for sensitive data, banned patterns, or restricted file types
- Commit messages — Enforce commit message format
- Branch names — Validate branch naming conventions
Merge Checks
For full enforcement, configure merge checks in your Bitbucket repository:
- Go to Repository Settings > Merge checks
- Enable "Minimum successful builds" and set it to include the Aguardic check
- Aguardic's build status will block merges when violations are found
With merge checks enabled and enforcement set to BLOCK, developers cannot merge PRs that violate your policies.
Example Policies
Require PR Reviewers
Ensure pull requests have at least one reviewer assigned:
- Field: reviewers
- Operator: GTE
- Value: 1
- Severity: MEDIUM
Block Banned File Types
Prevent certain file types from being committed (e.g., compiled binaries):
- Field: files
- Operator: MATCHES
- Value: \.(exe|dll|bin|so)$
- Severity: HIGH
Enforce Commit Message Format
Require conventional commit messages:
- Field: commit_message
- Operator: MATCHES
- Value: ^(feat|fix|chore|docs|refactor|test|ci)(\(.+\))?: .{10,}
- Severity: LOW
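The two regex values above can be exercised locally before the policies are bound, to see what they flag and what they let through. The Python below is an added example, not Aguardic's code: it assumes MATCHES behaves like an unanchored, case-sensitive regex search (Python's re.search), which this page does not specify, and the sample paths, sample commit messages and the wider comparison pattern are constructed for illustration.

```python
import re

# Patterns copied from the two example policies on this page.
BANNED_FILE = re.compile(r"\.(exe|dll|bin|so)$")
COMMIT_FORMAT = re.compile(r"^(feat|fix|chore|docs|refactor|test|ci)(\(.+\))?: .{10,}")

# Hypothetical wider pattern, used only to show what the page's pattern misses:
# case-insensitive, and tolerant of numeric version suffixes such as ".so.3".
WIDER_BANNED = re.compile(r"\.(exe|dll|bin|so)(\.\d+)*$", re.IGNORECASE)

# Constructed sample data, not taken from a real repository.
SAMPLE_PATHS = [
    "tools/setup.exe",
    "lib/libcrypto.so",
    "lib/libcrypto.so.3",   # versioned shared object, ends in ".3"
    "dist/Installer.EXE",   # upper-case extension
    "docs/also.md",         # contains "so" but has no ".so" suffix
]
SAMPLE_COMMITS = [
    "feat(auth): add OAuth token rotation",
    "fix: typo",                       # subject shorter than 10 characters
    "feat!: drop legacy login flow",   # "!" marker is not in the pattern
    "Fix: handle empty webhook body",  # capitalised type
    "docs: update the integration guide",
]

def banned_paths(paths):
    """Paths the page's banned-file pattern matches."""
    return [p for p in paths if BANNED_FILE.search(p)]

def coverage_gaps(paths):
    """Paths the wider pattern flags but the page's pattern does not."""
    return [p for p in paths
            if WIDER_BANNED.search(p) and not BANNED_FILE.search(p)]

def nonconforming_commits(messages):
    """Messages whose first line does not match the commit-format pattern."""
    def first_line(m):
        return (m.splitlines() or [""])[0]
    return [m for m in messages if not COMMIT_FORMAT.search(first_line(m))]

if __name__ == "__main__":
    print("flagged files:  ", banned_paths(SAMPLE_PATHS))
    print("not flagged:    ", coverage_gaps(SAMPLE_PATHS))
    print("rejected commits:", nonconforming_commits(SAMPLE_COMMITS))
```

If the gaps matter for your repositories, adjust the policy value and re-run the same samples before changing enforcement from WARN to BLOCK.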
Next Steps
- GitHub Integration — Similar setup for GitHub
- GitLab Integration — Similar setup for GitLab
- Your First Policy — Deep dive into policy creation