Supported features and limitations
The Bitbucket Server connector is designed to index core repository content and metadata, supporting granular access control and flexible crawling strategies. The following sections detail the supported objects, API endpoints, limitations, and crawling options.Supported objects types
| Object type | Description |
|---|---|
| Repositories | Git repositories within Bitbucket Server |
| Projects | Logical groupings of repositories |
| Users | Bitbucket Server user accounts |
| Pull Requests | Pull requests and their metadata |
| Pull Request Comments | Comments on pull requests |
| Files & Directories | File and directory structures in repositories. This can be crawled only if the Code Tool is enabled for your repositories. |
Supported API endpoints
API domain =https://bitbucket.company.com/rest/api/latest
Here https://bitbucket.company.com represents the server url for the customer.
- Users (
/admin/users) - Repositories (
/repos) - Repository Permissions (
/projects/<project>/repos/<repo>/permissions/users) - Pull Requests (
/projects/<project>/repos/<repo>/pull-requests) - Pull Request Comments (
/projects/<project>/repos/<repo>/pull-requests/<pr>/activities)
Limitations
- Projects scoped by permission may require a separate personal access token.
- Webhook is not supported.
- Features available in Bitbucket Cloud (such as issue tracking) may not be supported or may differ in Bitbucket Server.
Requirements
To successfully configure the Bitbucket Server connector, ensure you meet the following requirements:- Version: Your Bitbucket Server instance must be running version 5.5 or higher (required for Personal Access Token support).
- Admin Access: You must have Admin rights on the Bitbucket Server instance to create the required Personal Access Token.
- Required permissions and scope: The HTTP Access Token must be granted
Project: ReadandRepository: Adminpermissions for each project you intend to index; you may need to create a separate token for every project, as tokens are typically scoped to a single project or repository. - Credentials: You need to provide the following details into the Glean Admin Console:
- Bitbucket Server domain name
- Bitbucket Server IP address
- Username of the token creator
- HTTP access token
Setup instructions
Perform the following steps to connect your Bitbucket Server to Glean:Step 1. Determine API access token scopes
To authorize Glean API calls, an access token from a Bitbucket admin account with the permission combination ofProject: Read and Repository: Admin is required.
Repository:Admin scope is needed to view explicit user permissions and explicit group permissions for a given repository, the crawl must have a repository:admin scope. Bitbucket Server does not offer a read-only version of this scope.
Step 2. Create an HTTP access token
- Sign into a Bitbucket admin account.
- Create your HTTP access token. For more information, see HTTP access tokens.
Step 3. Enter Bitbucket server instance details to Glean
Provide the following information in the Glean admin console:- Enter your Bitbucket Server hostname, for example,
https://bitbucket.<company>.com. - Enter your Bitbucket Server IP address.
- Enter username of the access token creator.
- Enter the access token that you created in the Create an HTTP access token step.
Crawl configuration options
- You can configure which repositories or projects to include or exclude using redlist/greenlist fields (e.g., blockedRepositories and allowedRepositories).
- The format for specifying repositories is
<project>/<repository>. - Crawl frequency and lookback period can be adjusted in the Glean admin console.
Data ingestion and scope
The connector collects repository files, directories, pull requests, comments, and user metadata. All API requests are made securely over HTTPS.- Ingestion scope: Only data accessible to the user associated with the HTTP access token is ingested. You must ensure this user’s access is appropriately scoped within Bitbucket to avoid unintentional data exposure.
Access control and compliance
Glean strictly enforces Bitbucket Server’s access controls at query time.- Access principle: Only users who have access to a repository in Bitbucket Server will see the corresponding results in Glean.
- Authentication: Authentication uses a HTTP access token created by a user with admin-level privileges.