Hi team,
I am trying to get only the list and names of changed files from a Pull request in to my bitbucket pipelines in order to pass those file names to a cli scanner that is integrated as part of my pipelines that triggers on PR. For scanning those specific files that are changed instead of scanning the whole source code. As the scanner only accepts the location of files as target to scan. How can we achieve this? Thanks.
Hi @salluri,
If your pipeline is running on a pull-requests definition, the variable $BITBUCKET_PR_ID will be available in the build.
You can use the following API endpoint during a Pipelines build for the PR $BITBUCKET_PR_ID, which will return the files changed in this PR:
If you want to get only the new path of these files, you can filter the results as follows:
curl -L -X GET -u "${BB_Username}:${App_Password}" -H "Content-Type:application/json" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_WORKSPACE}/${BITBUCKET_REPO_SLUG}/pullrequests/${BITBUCKET_PR_ID}/diffstat?fields=values.new.path"
Kind regards,
Theodora
Hi @Theodora Boudale ,
Thanks for answering my question. I am having a question regarding the below section
diffstat?fields=values.new.path
The sample output that i received is as below as i tried changing the readme.md file for testing purposes
{"values":[{"new":{"path":"README.md"}}]}
So from above output how can i read this as a path into next steps (scanner command) that run as part of the pipeline?
Regards
salluri
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @salluri,
Our API returns the results in JSON objects. If you want to filter this and get only the actual file paths, you can use a tool that filters JSON data, for example, jq https://stedolan.github.io/jq/
If jq is installed, you can filter the results in the API call as follows:
curl -L -X GET -u "${BB_Username}:${App_Password}" -H "Content-Type:application/json" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_WORKSPACE}/${BITBUCKET_REPO_SLUG}/pullrequests/${BITBUCKET_PR_ID}/diffstat?fields=values.new.path" | jq '.values[].new.path' -r
You can install jq during the build and prior to running this API call with the following commands in the script of the yml file:
apt-get update
apt-get install jq
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Theodora Boudale ,
Thanks for replying back. I understood this part my main question is after getting the output.
For example if three files are changed with the PR and i got output like below using the above curl command that you provided
change1.js
change2.js
change3.js
How can i use this output in my next command to provide as the input as list of files for instance (change1.js, change2.js, change3.js)?
Regards
salluri
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi salluri,
Thank you for the clarification.
You can redirect the output from the API call to a file
curl -L -X GET -u "${BB_Username}:${App_Password}" -H "Content-Type:application/json" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_WORKSPACE}/${BITBUCKET_REPO_SLUG}/pullrequests/${BITBUCKET_PR_ID}/diffstat?fields=values.new.path" | jq '.values[].new.path' -r >> PRFiles.txt
Then, you can write a script that reads this file line by line, constructs the input as you need it (change1.js, change2.js, change3.js), and assigns it to a variable. You can then this variable as an argument to the next command. You can commit this script to the repo, so you can use it during the build.
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.