- **Import your BitBucket Cloud repositories** – Import your Bitbucket Cloud repositories into SonarQube to easily set up SonarQube projects.
- **Analyze projects with Bitbucket Pipelines** – Integrate analysis into your build pipeline. SonarScanners running in Bitbucket Pipelines can automatically detect branches or pull requests being built so you don't need to specifically pass them as parameters to the scanner (branch and pull request analysis is available starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)).
- **Report your Quality Gate status to your pull requests** – (starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html)) See your Quality Gate and code metric results right in Bitbucket Cloud so you know if it's safe to merge your changes.
+- **Authenticate with Bitbucket Cloud** - Sign in to SonarQube with your Bitbucket Cloud credentials.
## Importing your Bitbucket Cloud repositories into SonarQube
-Setting up the import of BitBucket Cloud repositories into SonarQube allows you to easily create SonarQube projects from your Bitbucket Cloud repositories. If you're using Developer Edition or above, this is also the first step in adding pull request decoration.
+Setting up the import of BitBucket Cloud repositories into SonarQube allows you to easily create SonarQube projects from your Bitbucket Cloud repositories. This is also the first step in adding authentication and, starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), the first step in reporting your analysis and Quality Gate status to your pull requests.
[[info]]
| To import your Bitbucket repositories into SonarQube, you can only have one global configuration of Bitbucket, including Bitbucket Server and Bitbucket Cloud. See the **Configuring multiple DevOps Platform instances** section below for more information.
[[collapse]]
| ## Linking issues
| When adding a Quality Gate status to your pull requests, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`.
+
+## Authenticating with Bitbucket Cloud
+To allow users to log in with Bitbucket Cloud credentials, you need to use an [OAuth consumer](https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/) and set the authentication settings in SonarQube. You can either use the OAuth consumer that you created above in the **Importing your Bitbucket Cloud repositories into SonarQube** section or create a new OAuth consumer specifically for authentication. See the following sections for more on setting up authentication.
+
+### Setting your OAuth consumer settings
+Create or update your OAuth consumer in your Bitbucket Cloud workspace settings and specify the following:
+
+- **Name** – the name of your OAuth consumer.
+- **Callback URL** – your SonarQube instance URL.
+- **Permissions**:
+ * **Account**: **Read** and **Email** access.
+ * **Workspace membership**: **Read** access.
+
+[[info]]
+| If you're using the same OAuth consumer for authentication and importing projects/reporting status to pull requests, make sure that the **This is a private consumer** box is checked and **Read** access for the **Pull requests** permission is granted.
+
+### Setting your authentication settings in SonarQube
+To set your global authentication settings, navigate to **Administration > DevOps Platform Integrations** and select the **Bitbucket** tab. Scroll down to the **Bitbucket Authentication** section and update the following settings:
+
+- **Enabled** - set to true.
+- **OAuth consumer key** - enter the **Key** from your OAuth consumer page in Bitbucket.
+- **OAuth consumer secret** - enter the **Secret** from your OAuth consumer page in Bitbucket.
+- **Workspaces** - Only users from Bitbucket Workspaces that you add here will be able to authenticate in SonarQube. This is optional, but _highly_ recommended to ensure only the users you want to log in with Bitbucket credentials are able to.
Community Edition doesn't support the analysis of multiple branches, so you can only analyze your main branch. With [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), you can analyze multiple branches and pull requests.
## Importing your GitHub repositories to SonarQube
-You need to use a GitHub App to connect SonarQube and GitHub so you can import your GitHub repositories into SonarQube. This is also the first step in adding authentication and, if you're using [Developer Edition](https://redirect.sonarsource.com/editions/developer.html) or above, the first step in adding pull request decoration.
+You need to use a GitHub App to connect SonarQube and GitHub so you can import your GitHub repositories into SonarQube. This is also the first step in adding authentication, and, starting in [Developer Edition](https://redirect.sonarsource.com/editions/developer.html), the first step in reporting your analysis and Quality Gate status to your pull requests.
If you want to set up authentication without importing your GitHub repositories, see the **Creating a dedicated app for authentication** section below for instructions on setting up authentication.
| ## Linking issues
| When adding a Quality Gate status to your pull requests and branches, individual issues will be linked to their SonarQube counterparts automatically. For this to work correctly, you need to set the instance's **Server base URL** (**[Administration > Configuration > General Settings > General > General](/#sonarqube-admin#/admin/settings/)**) correctly. Otherwise, the links will default to `localhost`.
-## Setting up GitHub authentication
+## Authenticating with GitHub
To allow users to log in with GitHub credentials, use the GitHub App that you created above (see the **Importing your GitHub repositories using a GitHub App** section for more information) and update your global SonarQube settings.
[[info]]
Using Http header authentication is an easy way integrate your SonarQube deployment with an in-house SSO implementation.
-## GitHub and GitLab Authentication
-You can delegate authentication to GitHub Enterprise and GitHub.com or GitLab Self-Managed and GitLab.com. See the corresponding DevOps Platform integration page for more information:
+## GitHub, GitLab, and Bitbucket Cloud Authentication
+You can delegate authentication to GitHub, GitLab, or Bitbucket Cloud. See the corresponding DevOps Platform integration page for more information:
- [GitHub Enterprise and GitHub.com](/analysis/github-integration/)
- [GitLab Self-Managed and GitLab.com](/analysis/gitlab-integration/)
+- [Bitbucket Cloud](/analysis/bitbucket-cloud-integration/)
## SAML Authentication
You can delegate authentication to a SAML 2.0 Identity Provider using SAML Authentication.
projects / sonarqube.git / commitdiff