CODEWITHSUNDEEP
bitbucket-serverbitbucket-cloud
Alexander Mills
Alexander Mills

Reputation: 100270

Modifying pre-receive hooks on Bitbucket Cloud

We have Bitbucket Cloud not Bitbucket Server. Is there a way to modify the "pre-receive" functions on Bitbucket? Goal is to audit pushes to make sure there's no obvious vulnerabilities before the code is available on Bitbucket. Git-hooks might work but there's not really a way to get them into version control in the same repo - the only way I can think of doing that would be to ssh into a Bitbucket server and modify the remote repo but I don't think you can do that?

My only guess is there might be a way to keep the pre-receive hooks in source control by putting the hook somewhere like this in the repo:

.bitbucket/pre-receive

But it's hard to find any info on this online.

Upvotes: 16

Views: 2429

Answers (2)

Mauricio
Mauricio

Reputation: 621

  • Bitbucket Server

Create a hook

You can also write your own hooks. Here are some useful resources to help you get started.

Details: https://confluence.atlassian.com/bitbucketserver/using-repository-hooks-776639836.html

Beware "Support for Server products ends on Feb. 15, 2024"; reference: https://www.atlassian.com/migration/assess/journey-to-cloud

  • Bitbucket Cloud

About: "Does Bitbucket Cloud support git pre-receive hooks"

It is not currently possible.

You can vote for and watch https://bitbucket.org/site/master/issues/10471/git-server-side-pre-receive-hook-bb-11418

Current status: "Under Consideration" november/2023

Reference: https://community.atlassian.com/t5/Bitbucket-questions/Does-Bitbucket-Cloud-support-git-pre-receive-hooks/qaq-p/950235

Upvotes: 2

daveruinseverything
daveruinseverything

Reputation: 5177

Unfortunately, this isn't possible.

The GitHub documentation is talking about GitHub Enterprise Server, a product you would install on your own infrastructure. GitHub as in github.com does not support creating pre-receive hooks at all. This is pretty much the norm amongst the popular cloud git hosting providers - no cloud provider will let you write your own arbitrary code and run it on the same infrastructure that holds your git repo, there's too much danger of you breaking out into other data on the same physical storage.

Until someone develops a safe/sandboxed implementation of server-side hooks, you'll need to find another way.

Full disclosure: I work for Atlassian (though I don't work on Bitbucket Cloud)

Upvotes: 6

Related Questions