New to BitBucket... inherited a project, now trying to get up to speed and code-complete ASAP. We have a DevSecOps pipeline using BitBucket as SCM, SonarQube as our static analysis engine. Java is the development language. My Tech Lead would like to prevent a Merge of a Pull request if there are Critical or High issues found in the SonarQube analysis of code in the Pull request. So, I am looking for a way to trigger SonarQube scan on a Pull request and if it fails (Critical issue found) the Merge is not allowed to go through or some notification is sent. There is hope also that issue that pre-existed on the branch would not trigger the notification (legacy issues don't break Merge requests);
I see plugins for BitBucket that are "pull-request decorators" but they lack documentation (open source ones do, anyway...); any assistance is appreciated.
Update: we have recently released a new app called Better DevOps Automation. It allows executing automations with Git, Subversion, Bitbucket, GitLab, GitHub and other Version Control System implementations.
You may find something useful here, make sure you check this out.
Hi everyone, We are looking to learn more about development teams’ workflows and pain points, especially around DevOps, integrations, administration, scale, security, and the related challeng...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events