Bitbucket pre receive hook
Bitbucket pre-receive repository hook
The hook prevents pushing commits with issues that Spectral found. It can be enabled at the project or repository level.
Prerequisites
- Bitbucket server on Linux (Windows not supported)
- Spectral must be installed on the server: Instructions
- Bitbucket service account with read-only personal access token (optional)
This is required to load custom.spectral/
configuration from the repository. If not set, custom configuration from the repository will not apply.
Configuration
All configuration is done through environment variables.
Environment variable | Description | Example value |
---|---|---|
SPECTRAL_BIN | Path to the Spectral binary | $HOME/.spectral/spectral |
SPECTRAL_DSN | DSN from SpectralOps, under Settings > Organization | https://[email protected] |
SPECTRAL_COMMAND | Spectral command line arguments | scan --include-tags base,iac |
BITBUCKET_SERVER_BASE_URL | The URL to the Bitbucket server | https://mydomain.com/bitbucket |
BITBUCKET_PAT | The personal access token for Bitbucket (optional, to load spectral.yaml from repo) | TmljZSB0cnkhIEJ1dCB0aGlzIGlzbid0IGEgcmVhbCBvbmUu |
SPECTRAL_CHECK_POLICY | The severity of findings allowed before the push is rejected. | fail on any issue |
SPECTRAL_CUSTOM_REJECT_MESSAGE | A custom text to append to the rejection message | Spectral has rejected your push |
SPECTRAL_CHECK_POLICY
supports the following values:
- fail on any issue (default)
- fail on low and above
- fail on medium and above
- fail on high and above
- fail on critical
- always pass
Example configuration
SPECTRAL_DSN="https://[email protected]"
SPECTRAL_CHECK_POLICY="fail on high and above"
BITBUCKET_SERVER_BASE_URL="https://mydomain.com/bitbucket"
BITBUCKET_PAT="TmljZSB0cnkhIEJ1dCB0aGlzIGlzbid0IGEgcmVhbCBvbmUu"
SPECTRAL_COMMAND="scan --include-tags base,iac"
SPECTRAL_BIN="~/.spectral/spectral"
Installation on Bitbucket server
- Download the Spectral plugin JAR file.
- Open your Bitbucket server UI -> Administration settings
- Click on 'Manage apps' -> 'Upload app'
- Upload the Spectral plugin JAR file
- Enable the hook by going to the project -> Project settings -> Hooks and enabling "Spectral Pre Receive Hook"
- You can also enable the hook for specific repository by going to the specific repository -> Repository settings -> Hooks and enabling "Spectral Pre Receive Hook"
Change Log
V2.0.0
- Fix memory leak
V1.0.9
- Timeout for running Spectral
- HTTP connection timeout
- Ignore scanning refs of type tag
V1.0.8
- Update app key
V1.0.7
- Fix for Could not get .spectral on new branches first push
- Handle multiple refs
- Scan only changed files when pushing a new branch
V1.0.6
- [fix] not scanning when a new branch is pushed
- Logging enhancements
Updated 7 months ago