Bitbucket support

Hello readers! It has been a while since our last post, and we apologize for that. We will be renewing our efforts to continually inform you and others in the development community by posting on a regular basis. Not only do we hope to share our successes, but also provide industry insight, and help our users make the most out of our product. But this blog report isn’t just to renew our commitment to our readers, it is to announce an exciting development for Gemnasium.

Gemnasium now supports Bitbucket!

Atlassian’s Bitbucket is a web-based hosting service for projects using Mercurial or Git, and is designed to help professional teams collaborate on code with inline comments and pull requests. Bitbucket passed the one million user mark in 2013, making it one of the most popular developer choices available. Bitbucket support has been a long awaited feature, with users clamoring for it for over two years. We are extremely proud to now be able to tell new clients and old that Gemnasium is now able to serve clients on two of the most popular hosting platforms available.

Limitations

Adding support for Bitbucket has not been without its challenges, and for that reason, we have held off on announcing our progress till we had it right. With that said, it is a new feature for us, and there are some limitations (in comparison to our GitHub support) our users must be made aware of. These limitations include:

  1. Gemnasium is unable (as of yet) to clone private repositories hosted on Bitbucket.org, so reports generation is not yet available.
  2. While the auto-update feature is available to Bitbucket projects, Gemnasium cannot yet create a branch and a pull request based on dependency files.
  3. Python support is limited to the dependency files compatible with PIP, such as requirements.txt and the like. (Gemnasium cannot process other dependency files in setup.py because it would need to clone the repo prior to running the script.)
  4. The Bitbucket API does not allow us to search through the sub-directories of a repository in an efficient manner. Thus, recursive file search is not yet supported.
  5. Mercurial repositories are not supported.

We plan to include all of the above features to Bitbucket repositories based on Git, but have no plan to support Mercurial repositories.

Challenges

Our primary challenge with regards to many of the above limitations has been the way Bitbucket handles access to repositories: There is no way to access a repository with a private token, like Github. An SSH key is needed to fetch the code, and as of now, we cannot create and share these keys in Gemnasium. Also, creating and sharing these keys would make Gemnasium a part of each and every user’s projects, and we’re not certain how our users would feel about this. Of course, we think that Gemnasium should be everywhere, but we can’t just make that decision for you.

Because some users may not want to give us full access to their repositories, we have provided the following guidance on how to create a webhook for bitbucket manually.

We’d like make it clear that there’s no way to create a repo webhook without getting access to private repos. That’s because one has to grant simultaneously both the “webhook” and “repository” OAuth scopes otherwise Gemnasium won’t be able to create the hook, and the “repository” scope gives access to all the user’s private repos.

In order to support Bitbucket, we also had to make changes to how Gemnasium handles URLs. Prior to Bitbucket support, all URLs were composed with two part URLs, formatted in this manner:

https://gemnasium.com/[org]/[project]

The organization and project would be the same as listed for Github.com. In other words:

https://gemnasium.com/gemnasium/gemnasium-parser

would become

https://gemnasium.com/github.com/gemnasium/gemnasium-parser

This format still works, and is still used for GitHub repositories. We have simply (well, not so simply) added support for URLs with a different source (bitbucket.org) appended. This means that:

https://bitbucket.org/gemnasium/test-public

Is available at:

https://gemnasium.com/bitbucket.org/gemnasium/test-public

(All projects from Bitbucket.org must use this new url scheme) This might not seem a drastic change, but it was a definite challenge for our team because all of Gemnasium’s processes were based on two-part URLs.

Open Source Support and Continued Improvements

Gemnasium is a strong believer in open source, and want to help the development community as much as possible. For this reason, much like our support for GitHub, public projects on bitbucket.org are free of charge. And of course, we are always working to improve our product, including adding functionality to improve our Bitbucket support. In fact, as we speak our team is hard at work on supporting Bitbucket Server, the enterprise version of Bitbucket (formerly known as Stash), in the upcoming Gemnasiun Enterprise. We hope to be updating you on our progress shortly. Regardless, we are committing to far more regular updates to our blog, and to ensuring you have all the information they need to be successful with our product. Until next time!