BitbucketCloud Project Binding

janfschmidt · October 15, 2021, 7:54am

I would like to set up project binding between Bitbucket Cloud and SonarCloud via the API. Unfortunately, this feature does not seem to be implemented (yet?).

Specifically, the API route is

POST https://sonarcloud.io/integration/bitbucketcloud/bind_repo

with the payload

{"jwt": "...", "projectKey": "PROJECT_KEY_HERE"}

Unluckily, the normal SonarCloud token can’t be used for this request either, it seems to be a special token in the Bitbucket context.

Can you tell me if it is possible in the (near) future to implement this route or alternatively tell me about which way I can generate a JWT for this request?

What i found so far is

but it doesn’t work for me.

janos2 · October 28, 2021, 7:58pm

Note that the endpoint you found is not listed in the official API documentation.

The recommended way to bind Bitbucket projects today is still to use the UI. (Import org, import projects.)

It could be a good idea to describe your use case to do this programmatically, so that it might gain interest and traction.

janfschmidt · October 29, 2021, 6:38am

My use case is relatively simple to explain: In my company we have a large amount of repositories that I programmatically manage across multiple services (BitBucket, CI/CD, SonarCloud, …). Say: As soon as a new repo is added or something changes to an existing one, in all services the changes are automatically applied. I already create and manage the projects in SonarCloud via the API (more precisely via the Python API). Now, if for example a repo changes (rename, etc), I would like to be able to manage the binding between SonarCloud and Bitbucket also via the API.

janos2 · October 29, 2021, 7:19am

Hm, I think that repo renaming is not a good example here. The binding is based on repo id, so it shouldn’t be affected by renaming of the repo. So, why do you think it’s necessary to update the binding when the repo is renamed? Or do you have another kind of example (not renaming)?

janfschmidt · October 29, 2021, 7:31am

My mistake, I did not give all the information: I always keep repo names and project key in a consistent format.So if I rename a repo, the project key changes too and so the binding has to be renewed.

janos2 · October 29, 2021, 7:35am

If you want to update the project key on SonarCloud side to match the change on Bitbucket, you could use the api/projects/update_key official API endpoint. I don’t see a need to update the binding.

janfschmidt · October 29, 2021, 7:41am

I already use the route. To be honest I just can’t remember what exactly I did to make me renew the binding, but I definitely had a use case for it

janfschmidt · December 3, 2021, 7:28am

Ha, today I remembered the reason (Ok, admittedly the problem has come up again ): When I create a new BitBucket repository and set up a SonarCloud analysis in my pipeline, the PRs are created but not displayed in BitBucket because the project is not even linked to SonarCloud yet.

Colin · December 3, 2021, 8:30am

Hey @janfschmidt

You might be interested in this comment (and the roadmap item linked)

janfschmidt · December 3, 2021, 8:46am

This is very unsatisfying, especially since an API route can also control “complex” backend tasks very well - if it works via the UI (especially since an internal API route is already being called), it should also work via the external API. I really hope that the feature will be implemented soon.