Uploaded image for project: 'OpenShift Pipelines'
  1. OpenShift Pipelines
  2. SRVKP-9108

Support Incoming Webhook feature on Bitbucket Data Center

XMLWordPrintable

    • Support Incoming Webhook feature on Bitbucket Data Center
    • 13
    • False
    • Hide

      None

      Show
      None
    • False
    • To Do
    • Hide
      With this update, the Incoming Webhook feature in Pipelines-as-Code (PaC) is now supported for Bitbucket Data Center. This enables users to manually trigger PipelineRuns by sending POST request to PaC controller, providing greater flexibility for custom integrations and workflows.
      Show
      With this update, the Incoming Webhook feature in Pipelines-as-Code (PaC) is now supported for Bitbucket Data Center. This enables users to manually trigger PipelineRuns by sending POST request to PaC controller, providing greater flexibility for custom integrations and workflows.
    • Feature
    • Done

      Problem Statement

       

      Currently, Pipelines as Code (PaC) on Bitbucket Data Center does not support Incoming webhook. This creates a significant limitation for enterprise teams who need to integrate PaC into a broader CI/CD ecosystem

      This Epic aims to close this feature gap by support Incoming webhook on Bitbucket Data Center, enabling a new class of powerful integrations.

       

      Proposed Solution

       

      We will implement the "Incoming Webhooks" feature, which is a proven and established pattern already available for other providers within Pipelines as Code. This provides a consistent user experience and leverages existing concepts.

      The core mechanism will involve:

      1. Configuration: Users will define an incoming: block within their Repository CRD. This configuration will specify:
        • A reference to a Kubernetes Secret containing a shared secret for authenticating webhook calls.
        • A list of targets (Git branches) that the webhook is authorized to trigger pipelines on.
      1. Triggering: An external system will send a generic, authenticated POST request to the dedicated PaC webhook endpoint.
      1. Execution Logic: The controller will:
        • Validate the request using the shared secret.
        • Verify that the target branch is in the allowed list.
        • Match and execute PipelineRuns located in the .tekton/ directory that are configured to run on [push] or [incoming] events.

       

      upstream issue: https://github.com/openshift-pipelines/pipelines-as-code/issues/724

      Goals & Acceptance Criteria

       

      • Feature Parity: The Bitbucket Data Center provider will have the same incoming webhook capabilities as the GitHub and GitLab providers.
      • External Integration: Users can successfully trigger PipelineRuns from any external tool capable of sending a POST request.
      • Security: The endpoint must be secured via a shared secret mechanism to prevent unauthorized execution.
      • Robustness: The implementation must be covered by comprehensive unit and end-to-end tests to ensure reliability.
      • Documentation: Clear, user-facing documentation will be created, explaining how to configure and use this feature with Bitbucket Data Center

              Unassigned Unassigned
              rh-ee-zashaikh Zaki Shaikh
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: