how can I define bitbucket to conditionally unapprove all approvals

We are facing situation below:

we use Bitbucket add-on "workzone" and set "unapprove alll approvals upon new commit goes into pull request"

meanwhile, we use "branch updater" auto-merge model for bamboo tests, which means any new commits from master will be pushed to review branches, this will be a new commit showing in pull request, this action will also unapprove all existing approvals......


That is what we want, we only want pushes from developer to trigger unapproval, but merges from bamboo shouldn't trigger it.


How can I achieve this?  I am thinking about writing an external hook, which will run a .sh to judge if the commit is from developer or bamboo account, then do / not do an unapproval. Will this work? Or is there any off-the-shelf add-on we can use?


ps: we do not to modify the way developers writing their commit msg, so we will not accepting putting a "#keep" or a "#unapprove" in commit msg to achieve this...

2 answers

1 accepted

0 votes
Answer accepted

1)Off the top of my head I don't know for sure about branch name variable. Try adding a 'set' or 'setenv' so it echoes all the currently defined variables at the time of the script execution. 

2) so this where it pays to develop the hook as a plugin ( for hooks the base code is very small, and atlassian samples can be adapted very quickly ). From Java you would be able to "elevate" your permissions or run a segment of code elevated permissions.

The other way you can do it through script would be to create a local admin account that would only be used by the script but would have the necessary permission to run access the rest through curl, then you don't need every developers just the user you maintain. If you make it a sysadmin then it would have all permissions from the go, otherwise you would then want to have a manual workflow process for developers that have project-admin permissions to add that special user to the project which should then trickle down to the repos. 

Hope that helps, or gives you a bit more thought

Thank you Dana!


Your best bet i think would be writing a Bitbucket Hook plugin vs.. an external script. There are a few examples on Atlassians developer website. You have better control over the evaluating of the condition and then forcing the expected action.  

If you use ScriptRunner for Bitbucket, you might be able to accomplish this in a similar fashion as well without making a full plugin.

Thank you so much Dana,

I am already on the way writing the hook, everything looks fine except:

1. in the post receive hook, is there an environment variable which exactly equals to the branch name like "review/DEV-xxx" ?

2. I need to use bitbucket API to DELETE all approvals in one time, but based on Atlassian's document, the user sending the curl command is only able to delete his own approval by sending a "-u user:password", if I need to delete all approval, seems like I need to collect everyone's credential which is quite impossible. How can I achieve this? Is there a super user which I can use to delete all approvals?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Thursday in Bitbucket Pipelines

Building a Bitbucket Pipe as a casual coder :  #!/bin/bash source "$(dirname "$0")/" enable_debug extra_args="" if [[ "${DEBUG}" == "true" ]]; then extra_args="--verbose" fi # mandatory variables R...

226 views 0 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you