AI Agents SDE Task Viewer
      • Pr description
  1. Home
  2. AgentSDE
  3. agent-core
  4. gh-546
  5. changes
  6. pr_description.md
pr_description.md(1.8 KB)· Apr 24, 2026· 1 min read
  • BJ-6: BitbucketAdapter + POST /webhooks/bitbucket route
  • Problem
  • Task / Link
  • Changes
  • Notes
  • Testing

BJ-6: BitbucketAdapter + POST /webhooks/bitbucket route#

Problem#

The webhook pipeline only handled GitHub events. Bitbucket Cloud webhooks had no normalisation layer, blocking Atlassian integration tenants from using the AgentSDE pipeline.

Task / Link#

Closes #546 — BJ-6 (Atlassian Integration Wave 2)

Changes#

  • Added BitbucketAdapter implementing PlatformAdapter for Bitbucket Cloud webhooks (secret query-param + optional IP allowlist auth)
  • Added POST /webhooks/bitbucket controller handler that passes req.ip and req.query.secret to verifySignature
  • Normalises 7 Bitbucket event keys (pullrequest:created, pullrequest:approved, pullrequest:changes_request_created, pullrequest:fulfilled, pullrequest:comment_created, pullrequest:updated, repo:push) into DispatchEvents
  • Bot self-filter and /agentsde directive detection on pullrequest:comment_created
  • Registered BitbucketAdapter in WebhookModule providers and onModuleInit()
  • Added BITBUCKET_WEBHOOK_SECRET and BITBUCKET_WEBHOOK_IP_ALLOWLIST to config schema and .env.example

Notes#

  • Bitbucket webhooks have no HMAC — auth is via ?secret= query param (timing-safe comparison) + optional source-IP allowlist
  • IP allowlist is plain IP strings only (no CIDR) for v1; the env var is optional
  • BITBUCKET_WEBHOOK_SECRET is optional in Joi schema — route returns 401 via verifySignature when unset
  • Implementation delivered in PR #576 (feat/bj-6-bitbucket-adapter → rc/atlassian-integration, merged 2026-04-23)

Testing#

  • Unit tests in bitbucket.adapter.spec.ts cover: valid/invalid/missing secret, IP allowlist hit/miss/unconfigured, all 7 event keys, unknown event key, bot self-filter, /agentsde directive
  • npm run test passes; npm run lint passes (zero warnings)
PrdAi-done