Generate SSH keys for Bitbucket Pipelines

By on March 21, 2017

Configuring SSH access to servers for your builds and deployments on Bitbucket Pipelines used to be a real pain. We had a manual process that involved generating keys locally, then base64 encoding them to pass through environment variables in your build. You also needed to add hosts to the SSH known_hosts file so various commands didn’t fail with cryptic error messages. We saw an opportunity to make this experience a whole heap better.

Improved SSH configuration for Pipelines

We’ve designed a new configuration screen for your Bitbucket repository that lets you generate and configure SSH keys for your pipelines with a single click. The private key will be encrypted, kept securely within Bitbucket, and automatically registered in your pipeline build container. You then simply copy/paste the public key on to your remote host to give your build access to it.

Adding your remote hosts to the known_hosts file in your build is just as easy. Type in the hostname and Bitbucket automatically pulls down the host’s public key, and lets you verify the fingerprint. If everything looks is okay, add your hosts to the configuration with a single click.

With these small improvements, configuring SSH access for Pipelines now takes just a few seconds instead of half an hour of error-prone tweaking.

Learn more about using SSH keys in Pipelines. Happy Pipelining!

Try Bitbucket Pipelines

Bitbucket Pipelines adds support for Alpine Linux

By on March 13, 2017

We’re big fans of both Node.js and Docker at Atlassian, and Bitbucket has seen some great adoption among these communities. So when we were recently contacted by the maintainers of the node-docker project to see whether Bitbucket Pipelines could support their Docker image, based on Alpine Linux, we immediately went to investigate and see what we could do.

Alpine is a very lightweight Linux distribution that weighs in at an insanely small 5 MB, so using it in your build can shave a significant amount off the download and startup time. However, Alpine was incompatible with Pipelines because we had a dependency on the bash shell.

Bitbucket Pipelines was originally designed to require bash, which isn’t included in Alpine. But with a few tweaks on our side, we now fall back to using /bin/sh when /bin/bash isn’t available. These changes allow customers to use any Alpine-based image for their build container in Pipelines.

Now all Bitbucket Pipelines users can get the speed benefits of using any Docker image based on Alpine, including many of the official Docker images that started transitioning last year. We hope you enjoy this improvement as much as we do!

Haven’t tried Bitbucket Pipelines?

Bitbucket Pipelines is a continuous delivery service built right within Bitbucket so you can code, test, and deploy from a single tool with a unified workflow. There’s no need to switch to another application, no need to juggle permissions and access, or setup servers – just use Bitbucket Pipelines and get unlimited concurrent builds.

Try Bitbucket Pipelines

Cheers, the Bitbucket Pipelines team

Rest assured with Pipelines build notifications in HipChat

By on March 6, 2017

Bitbucket Pipelines integration with HipChat
Every time you trigger a build in Bitbucket Pipelines, whether by pushing commits or creating a pull request, you have to remain at your desk or constantly refresh your email to see if the build has passed. You don’t like wearing the cone of shame for a failed build and would like to get notified ASAP asynchronously.

Introducing HipChat notifications for Bitbucket Pipelines

Many software teams use HipChat to share ideas and stay connected regarding their team’s latest commits, pull requests, or the latest meme. If you are one of those teams, we’ve added a long-awaited HipChat integration with Bitbucket Pipelines. Now get feedback even faster with build status updates via HipChat.

Enable HipChat notifications for Pipelines

To enable HipChat notifications for Bitbucket Pipelines, follow these three simple steps:

  1. Enable the HipChat for Bitbucket Cloud integration
  2. Go to your Bitbucket team or repository settings page and click HipChat integration.
  3. Under the section Notify the room with activity in these areas, select the boxes for Started, Successful, and/or Failed.

Voila! you are good to go…

Haven’t tried Bitbucket Pipelines?

Bitbucket Pipelines is a continuous delivery service built right within Bitbucket so you can code, test, and deploy from a single tool with a unified workflow. There’s no need to switch to another application, no need to juggle permissions and access, or setup servers – just use Bitbucket Pipelines and get unlimited concurrent builds.

Try Bitbucket Pipelines


Have more specific questions about this post? Reach out to us on Twitter to get the information you need. 

Cheers, the Bitbucket team

Bitbucket ❤️ Unity Cloud Build

By on March 1, 2017

The Bitbucket team are excited to announce a brand new integration with Unity Cloud Build, just in time for GDC 2017!

Traditionally, game builds are compiled, tested, and packaged by developers via their IDE or another tool provided by the game engine SDK. This is sub-optimal as it wastes developer time and resources, excludes non-technical contributors from building the game, and requires builds to be uploaded and hosted somewhere to share with other team members. The situation is even worse if you target multiple platforms with your game, as you’ll need to create separate builds for each platform.

Fortunately, Unity Cloud Build provides automated builds and continuous integration for your Unity projects hosted on Bitbucket. Bitbucket’s new Unity Cloud Build integration improves this experience by allowing you to jump quickly from your source code in Bitbucket to a built, playable version of your game or app.

Bitbucket's Unity Cloud Build integration
Once the integration is enabled, Unity build logs and artifacts are posted to Bitbucket as build statuses, so you can jump from your source code in Bitbucket to a playable version of that same code with a single click. The integration automatically creates a sharable link for each game artifact, allowing any team member to access builds for the latest version or historical versions of their game – without having to wait for a developer to cut a build for them.

Your project, your platforms

Unity Cloud Build supports a range of target platforms including Android and iOS games and apps, desktop games for Windows, macOS, and Linux, and WebGL builds for the web! In fact, for WebGL builds, you can click straight from your code in Bitbucket to an interactive web player and play your game without having to download a build yourself.

Unity Cloud Build platforms, February 2017

Unity Cloud Build platforms, February 2017
Unity Cloud Build statuses will appear against their corresponding commits, branches, and pull requests in the Bitbucket UI. This makes it simple to:

If a build happens to fail, no game artifacts are generated, but a handy link to the build logs will be displayed instead so you can quickly debug the failure and get your project building again. Speaking of failed builds, Unity Cloud Build statuses are fully integrated with Bitbucket’s merge checks which can be optionally enabled to prevent failing code from being merged into master, keeping your game buildable at all times.

Getting started

Setting up Unity Cloud Build and Bitbucket integration is easy! Simply:

  1. Sign up for Bitbucket (if you haven’t already)
  2. Follow Unity’s excellent tutorial on Creating your First Cloud Build Project
  3. Enable Unity Cloud Build integration in Bitbucket

Once enabled, you’ll start seeing build statuses appearing after each build completes in Unity Cloud Build.

We’re at GDC 2017!

The Bitbucket and SourceTree team will be representing at GDC in force! If you want to catch a demo of the Unity Cloud Build integration, score some Atlassian swag, or have any questions about our game development tools: come and find us at Booth #336, South Hall Zone 2.

I’ll also be giving a talk – Collaborating on Unity Projects with Git – at 4pm in Room 3014, West Hall. It’ll feature the new Unity Cloud Build integration, alongside some tips for versioning Unity projects in Git, handling large assets with Git LFS, and Git workflows for game dev teams. Looking forward to seeing you there!

Get started, it’s free

Big strides in Cloud security: IP whitelisting & required 2-Step Verification in Bitbucket

By on February 28, 2017

We live in an age where data breaches are very common. In the last three years major retailers to modern tech companies have experienced massive data breaches – yet CompTIA research shows that most companies are still not fully prepared against security threats and haven’t taken necessary steps to overhaul their security measures. No matter how much focus is put on data security, it’s the end user that is ultimately the weakest link and can be vulnerable to password hacks.

To avoid this, it’s more important than ever that you aren’t just securing your account with a password, but also taking measures like two-step verification to keep your private content on Bitbucket, well… private. In addition to two-step verification, Bitbucket is taking security a step further for teams who store their source code in Bitbucket Cloud and desire additional security: team admins can require their teams to enable two-step verification and/or limit access to private code by IP address. Let’s take a deeper look at how admins can benefit from IP whitelisting and required 2-step verification.

Introducing IP whitelisting for your private code

With IP whitelisting enabled, users will only be able to interact (view, push, clone, etc.) with your account’s private content if they are accessing Bitbucket from an IP address you have selected and know is safe. If a user tries to access any of your team’s repositories, issue trackers, wikis, snippets or team settings from an un-whitelisted IP, they’ll receive an error. This helps prevent unwanted third parties from accessing your account even if they have acquired a team member’s email address and password. As the first of the leading Git repository management tools to provide advanced Cloud security like IP whitelisting, we’re taking steps to make teams feel safe storing their source code in the Cloud.

We’ve heard from several teams that using IP whitelisting with Bitbucket will allow them to move off on-prem version control systems and enjoy the savings and convenience of hosting their code in the cloud. When digging into the use cases and needs of these teams, we found some common themes for how this feature would be used:

“For Limpid Logic customers, remote access and IP whitelisting are sometimes a legal requirement, especially for clients in highly regulated industries such as finance and healthcare. Our work often deals with sensitive intellectual property that requires limited geographic access to repos from a few specific IPs,” said Bachir El Khoury, Managing Director at Limpid Logic. “IP whitelisting is exactly what we need within our business and we’re thrilled to see this security feature in Bitbucket.”

IP whitelisting is a feature of Bitbucket’s Premium plan and can be found under the access controls section of your account settings.

Ensure secure access with required two-step verification

Two-step verification (also known as 2FA) ensures your data will continue to be protected even if someone else gets your password. This is great for those who have it enabled as an extra security mechanism, but how do you really know if your team is taking advantage of this extra security? Manually following up is always an option for a small team, but what happens when your team grows to 10, 20, or more than 100?

We’re launching required 2-step verification in Bitbucket for these account administrators who require their team to have two-step verification to access private code. When you enable this option for your team, users will need to have two-step verification enabled in order to interact (view, push, clone, etc.) with your account’s private content: repositories, team settings, issue trackers, wikis, and snippets. If a user doesn’t have two-step verification enabled at the time of access, they’ll see instructions on how to enable two-step verification in the UI and continue.

cloud security features in bitbucket

Bitbucket’s Premium plan

Both of these features are available in Bitbucket’s Premium plan, which also includes merge checks, smart mirroring, 1,000 build minutes/month for Bitbucket Pipelines and 10 GB/month of Git Large File Storage (LFS). This plan specifically aims to improve the experience for administrators of teams with lots of users and repos, complex business requirements (as a result of industry standards, etc.) or both, which we’ve found become more prevalent as a team grows.

All features in this plan are in a free trial until pricing changes take effect when the plan will be available for $5/user/month. For a complete breakdown of our pricing and what falls in each plan, check out our pricing comparison page.

Try IP whitelisting and required 2-step verification

If you’re ready to enhance your security measures, sign up for a Bitbucket Cloud account. If you are already a Bitbucket customer, further documentation for IP Whitelisting and requiring two-step verification can be found here.

Get started, it’s free

Have more specific questions about this post? Reach out to us on Twitter to get the information you need. 

Add access keys to branch permissions in Bitbucket Server 4.14

By on February 23, 2017

When you hear the terms security and speed, Git repository management may not be the first thing that comes to mind. But for software development teams, these 2 things translate into 1 big thing: productivity. Today we’re releasing Bitbucket Server 4.14 which includes access keys in branch permissions, automatic dashboard updates, and an email notification enhancement.

Keep reading to learn how these features can help your team move faster.

Access keys in branch permissions

Permissions and Git can be a tricky thing; without a tool to enforce access control, anyone can read or write to your repositories. In Bitbucket Server you can give users access to anything – a specific project, a single repository, or just a branch. You can also give permissions to access keys, which allow continuous integration servers and other automated processes to interact with your source code.

Previously, access keys were granted only at the project and repository level, causing some trouble when branch permissions were also applied. The only way around this was to create a user account for your CI server and explicitly grant it branch access like other members of your team.

In Bitbucket Server 4.14, access keys are now applicable at the branch level, thus avoiding extra user creation. Updating repository metadata on restricted branches is as easy selecting an access key in the branch permission’s dialog.

Automatic updates and email reviewer status

Next up, 2 new features that make getting information just a little bit faster. First an update to the personal dashboard – no more refreshing required. When changes are made to your pull requests, i.e. approval or comment, they’ll be reflected automatically on the dashboard. Waiting for your pull requests to be reviewed? Pop open a tab, sit back, relax, and watch the approvals roll in.

Second, an enhancement to pull request email notifications. Pull requests are imperative for ensuring high quality code, which is why we’ve built Bitbucket Server’s pull request experience to cater to teams.

Currently when updates to pull requests occur (i.e. a reviewer changes the status to ‘needs work‘), the subsequent email notification batches this change with many others. To get a good idea of all the activity, you’ll need to open the email and scroll through the updates.

In Bitbucket Server 4.14 you can now get a feel for changes by looking at the reviewer status in the notification header. A new ‘needs work‘ status is a quick indicator that the pull request needs revisiting.

Try Bitbucket Server

For more information on other improvements and bug fixes in Bitbucket Server & Data Center 4.14 check out our release notes.

New guides for Bitbucket Pipelines

By on February 15, 2017

Community Guides

Since Bitbucket Pipelines launched back in October 2016, we’ve heard a tremendous amount of positive feedback and excitement about the new built-in CI/CD feature within Bitbucket. A ton of you wrote excellent tutorials about how you’ve configured your Pipelines for various use cases. For instance, we were thrilled with James Fairhurst’s blog about getting set up on Bitbucket Pipelines and Laravel and Ozren Lapcevic’s blog on building, testing and deploying Django App with Bitbucket Pipelines. We appreciate your commitment to sharing best practices with the rest of the community – thank you! Keep ’em coming!

Today we’re excited to share some of our own tutorials, including five new Pipelines language guides and four new deployment guides, making it even easier for you to set up Pipelines.

New Language Guides

If you’ve tried Pipelines before but had trouble configuring your .yml file for Java, Javascript/Node.js, Ruby, Python or PHP, or if you’re interested in trying Pipelines for the first time, we’ve created these five guides for you!

New Deployment Guides

We’ve also added several deployment guides if you’re interested in fulfilling the full software development life-cycle with Bitbucket.

We’ll be adding more soon, so make sure to check back! As always, if you have feedback on any of these guides, please tweet us @Bitbucket Pipelines.


Haven’t tried Bitbucket Pipelines yet? Give it try!


Try Bitbucket Pipelines


We’ll be at Git Merge 2017!

By on February 1, 2017

At this very moment, members of Atlassian’s Bitbucket and SourceTree teams are converging on the city of Brussels, Belgium for the annual Git Merge conference and Git Contributors’ Summit. If you happen to be attending the conference, or are otherwise in the neighborhood, come along to our Beers on Bitbucket meetup on Thursday night to meet some of the developers behind Atlassian’s DVCS tools. In addition to providing (and imbibing) beer, we’ll be hosting a few short tech talks covering various aspects of our Git tools:

Squash commits when merging a Git branch with Bitbucket

By on January 31, 2017

Imagine you’re working on a feature. You create a pull request with your changes and get some feedback. You update your pull request by adding another commit that addresses the feedback. Maybe you notice a typo. So you create another commit that fixes the typo. Very soon, your feature branch has a lot going on with all these commits:


So you get your PR approvals and you merge. But looking through your repository’s history, you notice that it looks busy. A lot of these commits don’t actually add any value to your repo’s history. They clutter up the blame, make bisects take longer and generally make the history hard to navigate.

Squash your commits in Bitbucket Cloud

You could always squash commits via the command line using “git merge –squash”, but this is just another time consuming step, and it would be a lot easier to have it done for you from Bitbucket. Today we’re launching the ability for Git users to squash commits in feature branches when merging pull requests. Combining these commits will provide a clean, easy-to-follow history for your repo. This new merge strategy can be found when merging a pull request:

git squash commits

Merge commit (–no-ff) will keep all of your commits from your feature branch, while Squash (–squash) is the new option that will allow you to combine your commits and clean up your repo.

Update on squashing commits in Mercurial

This feature rollout applies only to Git and not Mercurial… yet. Squash requires exchange of obsolescence markers – part of the evolve extension – so we’re working with Mercurial’s maintainers to get evolve bundled in core Mercurial, as well as adding support for it in Bitbucket. For developers already using the evolve extension, we hope to have a beta for squashing in Mercurial available soon.

In order to help make features like this accessible to the community in the future, including through further development of the Mercurial platform, Bitbucket is making a charitable donation to the Software Freedom Conservancy. We’re proud to support the Software Freedom Conservancy and promote the development of platforms like Mercurial, and encourage you to keep a look out for advancements to come.

Try Squash-merges

Next time you want to merge a pull request, try out the squash merge option and tell us what you think on Twitter.

If you’re new to Bitbucket, sign up for an account, import some code, add your team mates and have them review your code via a pull request. When you are ready to merge their feedback, you will find the new squash merge strategy.

Looking for more in depth information on this new feature? More information on squash merges can be found here.

Get started, it’s free

Have more specific questions about this post? Reach out to us on Twitter to get the information you need. Looking for squash merges in Bitbucket Server? Merge strategies are available in Bitbucket Server 4.9.

Bitbucket Server 4.13 brings in-browser editing and more

By on January 26, 2017

You’ve probably heard the word “simplify” floating around a lot this time of year. People are setting New Year’s resolutions, cutting the clutter, and generally, trying to do more with greater efficiency and focus. On the Bitbucket team, we’re trying to simplify too, which is why our first release of 2017 includes several new features to make your day to day a little easier.

Edit files in-browser

Fixing typos, editing README files, and making other small changes can require a fairly large amount of steps relative to the size of the change. First, you must clone the repository locally, then make your change, next push back up to Bitbucket, and finally create a pull request (if needed). Before you know it, a quick spelling change has taken 5 or 10 minutes. And for those who aren’t as prepared to make changes locally, for example a doc writer who hasn’t installed Git, this can be quite daunting.

In Bitbucket Server and Data Center 4.13, we’ve simplified the process by letting you edit files inside of Bitbucket. To help make your change, the editor pre-selects a syntax based on filetype, lets you add a commit message, and even offers the option to create a pull request on push. With no need to do anything locally, simple changes can be applied much more quickly.



Easily find related JIRA Software issues

The past few years we’ve made huge enhancements to our JIRA Software and Bitbucket integration. Features like smart commits, embedded issue information, and the development panel in JIRA improve visibility and save time. As part of our continued focus on this integration, today we’re releasing a small but powerful improvement to JIRA issue integration. Throughout the Bitbucket UI JIRA issue keys have been modified to become hyperlinks to JIRA, making it easier to locate and dig into related issues. Keys are now clickable in commit messages, pull request titles, and in branch names.


Built-in SAML 2.0 support in Bitbucket Data Center

For admins looking to simplify user management in Bitbucket Data Center, SAML 2.0 single sign-on support is now available out of the box. SAML support integrates into your existing infrastructure, providing developers a more secure and hassle free way to log in. Having only one username/password to maintain means quicker access to tools and less password reset requests for admins.

We support a large list of popular identity management providers including Okta, OneLogin, Azure, Active Directory (ADFS), Bitium and PingOne.

Upgrade to Bitbucket Server 4.13

No matter what your New Year’s resolution is, we can all use a bit more simplification in our lives. Small improvements lead to big gains. In this case, less time switching between tools, looking for links, or fighting with passwords means more time spent on whatever is important to you.

Upgrade to Bitbucket Server 4.13

But wait, that’s not all! In Bitbucket Server 4.13 we identified areas to use less memory by caching template rendering. With this improvement, 4.13 uses less memory than any other 4.X version of Bitbucket. For a list of other improvements and bug fixes check out our 4.13 release notes.