As part of our strategy to build for scale, security, and performance, Bitbucket Cloud is continuing to deliver features that help enterprise teams operate at scale to build world-class software.

We’ve made a lot of progress this year with new features across code review and CI/CD. We’ve added AI functionality, added features to help you scale your CI/CD workflows, and integrated with Forge, our cloud app development platform, to help you build customizations into Bitbucket to meet your specific needs.

Migrating to cloud: If you’re a Bitbucket Data Center customer looking to migrate to Bitbucket Cloud, sign up for a free trial of Bitbucket Cloud Premium. With Bitbucket Cloud (demo), you get a trusted, secure platform, with deep integrations to Atlassian tools and market-leading DevOps apps to help you connect your workflow from planning to production.

In this blog, we’re sharing some of what we’ve recently shipped and what we’re building.

Driving productivity with Atlassian Intelligence

Crafting clear, concise PR descriptions for complex changes can be time-consuming and frustrating. We know the struggle is real. That’s why we launched AI generated pull request (PR) descriptions.

Atlassian Intelligence analyzes your code changes and commit messages to learn what changes were made and uses this information to generate a PR description that effectively captures the key aspects of your changes.

With our ChatGPT code review pipe, you can now configure AI code review from your CI/CD pipeline. When you include the pipe in your CI pipeline, ChatGPT will analyze your code changes and leave comments on suggested fixes. Make those changes and commit so your peer reviewers can complete the review faster.

- pipe: atlassian/bitbucket-chatgpt-codereview:0.1.3
  variables:
    OPENAI_API_KEY: "<string>"
    BITBUCKET_ACCESS_TOKEN: "<string>"
    MODEL: "<string>"
    # ORGANIZATION: "<string>" # Optional
    # MESSAGE: "<string>" # Optional
    # FILES_TO_REVIEW: "<string>" # Optional
    # CHATGPT_COMPLETION_FILEPATH: "<string>" # Optional
    # CHATGPT_CLIENT_FILEPATH: "<string>" # Optional
    # CHATGPT_PROMPT_MAX_TOKENS: "<string>" # Optional
    # DEBUG: "<boolean>" # Optional

(roadmap) Rovo integration

With Atlassian Rovo launching soon, we are working to integrate Bitbucket Cloud repos, commits and pull requests into Rovo’s unified search. With unified search, you’ll be able to search across Atlassian tools like Jira, Bitbucket, Confluence as well as third-party tools like Google docs in one UI.

Bitbucket Cloud will also be integrated into Rovo chat, a chat UI that you can interact with to ask questions about your code.

A much improved pull request user experience

The pull request and code review workflow in Bitbucket is where your most critical work gets done to ensure that quality code gets merged into production. We’ve revamped the UI and added many new features to make it easier to review complex diffs more effectively.

With iterative review, when an author pushes a new commit based on your PR feedback, during your next review, you won’t have to re-review the whole PR again – you can choose to review only what changed since your last review.

As your team and products grow, it becomes hard to track who has expertise in various areas of your code base. This makes it hard to identify who are best qualified to review code changes. Now you can set up a code owners file in your repository and define ownership for specific code files/paths, enabling Bitbucket to auto-assign reviewers automatically based on what files are being modified.

# .bitbucket/CODEOWNERS

# Default reviewers for files not matching patterns below
*      alisha@example.com fred@example.com

# Choose all members of a workspace group
*.js   @workspace-slug/frontenders:all

# Choose group members tagged on the fewest open PRs
*.py   @workspace-slug/backenders:least_busy(2)

# Choose randomly from a custom team (defined in teams.yaml)
*.tf   @teams/sre-leads:random(2)

To manage code quality at scale, you can now build your own custom merge checks and have it show up with our native merge checks inside Bitbucket. This means you can create your own code compliance rules, e.g. no merges on weekends, check for Snyk security scan, or anything else, and Bitbucket will automatically check for compliance before every merge. On a premium plan, you can also choose to enforce the check so a merge will fail when your check fails. This is useful when you have strict requirements.

(roadmap) To help you scale these custom checks, we’re adding a global setting so admins can apply these checks at the workspace-level to manage code quality across all your projects and repositories.

More layers of security

Bitbucket Cloud runs on the same Atlassian Cloud platform that powers Jira, Confluence and other Atlassian products. Customer trust is at the center of what we do and security is our top priority. We’re transparent with our security program so you can feel informed and safe using our products and services.

Beyond platform level security, we are continuing to add security controls into the product that you can configure based on your internal compliance requirements.

Enforce private workspaces

Currently, a private Bitbucket workspace can contain both public and private repositories. Public repositories are used to collaborate with users outside your organization while private repositories can only be accessed by users who are part of your workspace. 

We’ve heard from many of your that due to security concerns, you want to be able to restrict your users from creating public repositories. With the launch of this feature, workspace admins on a Premium plan can now check a box to ensure that all projects and repositories created within your workspace are private. Users will not have the option to create public content. Learn more

(roadmap) Enforce signed commits

Signed commits add a layer of security to commits by authenticating the user who submitted it and ensuring that the commit has not been tampered with. By enforcing signed commits in Bitbucket, you’ll also be able to set rules to reject unsigned commits to ensure that all code being merged to production has been submitted by an authenticated user. If you have compliance policies that require the use of signed commits, this will satisfy those requirements.

CI/CD built for scale

We launched dynamic pipelines, which lets you use our Forge platform, to programmatically manage CI/CD pipelines at scale. You can build logic to dynamically generate pipeline yml based on the code context, or insert specific pipeline steps into all user generated pipelines to meet your compliance needs e.g. if a security scan is not part of the pipeline, it can be included dynamically during runtime. This lets you centrally manage CI/CD pipelines across your organization at scale.

We released our next-gen CI/CD runtime. With this launch, you can enable significantly larger instance sizes for your CI/CD workloads – giving your teams up to 8x more CPU and memory for their builds and 16x coming later this year.

We have a strong roadmap ahead.

(roadmap) The new runtime will act as the foundation for a range of powerful new future capabilities like ARM and multi-arch builds in cloud

(roadmap) You’ll be able integrate with with third-party secret management tools such as Vault, so you can centrally manage your secrets outside of Bitbucket.

(roadmap) Steps will have their default maximum execution time extended significantly, supporting much larger builds and more complex CI/CD workflows.

(roadmap) Access detailed insights and data related to your automated test suites to optimize your tests. Understand what types of tests are failing and causing your builds to break. Use these insights to improve your overall test health and reduce your build failure rates.

(roadmap) There are several benefits to moving your CI/CD to the cloud. We have customers who want to move off of legacy on-prem CI/CD tools like Jenkins. We are building migration tooling to help you automate migrating from Jenkins to Bitbucket Pipelines.

New to Bitbucket Cloud?

If you’re currently using Bitbucket Data Center and considering migrating to Bitbucket Cloud, here is a demo to that walks you through core functionality and you can build end to end developer workflows from planning to production on the Atlassian platform.

Migration resources: We have an Atlassian-supported free migration tool to help you move your code and metadata to Bitbucket Cloud, a migration planning guide, and if you have questions along the way, our support team is ready to help. Get started by signing up for a free extended trial of Bitbucket Cloud Premium.

What’s new & what’s coming to Bitbucket Cloud