Merge pull request #1365 from thawankeane/feature/bitbucket-repo-acce…

…ss-token

Feature: Add support for BitBucket Repository Access Token

CHANGELOG.md

@@ -16,6 +16,7 @@
 
 <!-- Your comment below this -->
 
+- Add support for BitBucket Cloud Repository Access Token - [@thawankeane]
 
 <!-- Your comment above this -->
 
@@ -2038,6 +2039,7 @@ Not usable for others, only stubs of classes etc. - [@orta]
 [@thii]: https://github.com/thii
 [@tibdex]: https://github.com/tibdex
 [@tim3trick]: https://github.com/tim3trick
+[@thawankeane]: https://github.com/thawankeane
 [@tychota]: https://github.com/tychota
 [@urkle]: https://github.com/urkle
 [@valscion]: https://github.com/valscion

docs/guides/the_dangerfile.html.md

@@ -39,6 +39,10 @@ export DANGER_BITBUCKETCLOUD_PASSWORD='yyyy'
 # You can get OAuth key from Settings > OAuth > Add consumer, put `https://bitbucket.org/site/oauth2/authorize` for `Callback URL`, and enable Read Pull requests, and Read Account Permissions.
 export DANGER_BITBUCKETCLOUD_OAUTH_KEY='xxxx'
 export DANGER_BITBUCKETCLOUD_OAUTH_SECRET='yyyy'
+
+# or for BitBucket Cloud by Repository Access Token
+# You can get a Repository Access Token from Repo Settings > Security > Acesss Tokens and set Pull requests write scope.
+export DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN='xxxx'
 ```
 
 Then the danger CLI will use authenticated API calls, which don't get this by API limits.

docs/usage/bitbucket_cloud.html.md

@@ -9,7 +9,7 @@ blurb: An overview of using Danger with BitBucket Cloud, and some examples
 To use Danger JS with BitBucket Cloud: you'll need to create a new account for Danger to use, then set the following
 environment variables on your CI:
 
-You could use either username with password or OAuth key with OAuth secret.
+You could use either username with password, OAuth key with OAuth secret or repository access token.
 
 For username and password, you need to set.
 
@@ -30,6 +30,13 @@ For OAuth key and OAuth secret, you can get them from.
 - `DANGER_BITBUCKETCLOUD_OAUTH_SECRET` = The consumer secret for the account used to comment, as show as `Secret` on the
   website.
 
+For [repository access token](https://support.atlassian.com/bitbucket-cloud/docs/repository-access-tokens/), what you
+need to create one is:
+
+- Open your repository URL
+- Navigate to Settings > Security > Access Tokens > Create Repository Access Token
+- Give it a name and set Pull requests write scope
+
 Then in your Dangerfiles you will have a fully fleshed out `danger.bitbucket_cloud` object to work with. For example:
 
 ```ts

source/ci_source/ci_source_helpers.ts

@@ -45,7 +45,11 @@ export async function getPullRequestIDForBranch(metadata: RepoMetaData, env: Env
     }
     return 0
   }
-  if (process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] || process.env["DANGER_BITBUCKETCLOUD_USERNAME"]) {
+  if (
+    process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] ||
+    process.env["DANGER_BITBUCKETCLOUD_USERNAME"] ||
+    process.env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+  ) {
     const api = new BitBucketCloudAPI(metadata, bitbucketCloudCredentialsFromEnv(env))
     const prs = await api.getPullRequestsFromBranch(branch)
     if (prs.length) {

source/ci_source/providers/BitbucketPipelines.ts

@@ -26,8 +26,9 @@ import { ensureEnvKeysExist, ensureEnvKeysAreInt } from "../ci_source_helpers"
  *
  * ### Token Setup
  *
- * You can either add `DANGER_BITBUCKETCLOUD_USERNAME`, `DANGER_BITBUCKETCLOUD_PASSWORD`
- * or add `DANGER_BITBUCKETCLOUD_OAUTH_KEY`, `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`
+ * You can add `DANGER_BITBUCKETCLOUD_USERNAME` and `DANGER_BITBUCKETCLOUD_PASSWORD`
+ * or add `DANGER_BITBUCKETCLOUD_OAUTH_KEY` and `DANGER_BITBUCKETCLOUD_OAUTH_SECRET`
+ * or add `DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN`
  * -
  */
 

source/commands/danger-pr.ts

@@ -43,12 +43,13 @@ program
       !process.env["DANGER_BITBUCKETSERVER_HOST"] &&
       !process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] &&
       !process.env["DANGER_BITBUCKETCLOUD_USERNAME"] &&
+      !process.env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"] &&
       !gitLabApiCredentials.token &&
       !gitLabApiCredentials.oauthToken
     ) {
       log("")
       log(
-        "     You don't have a DANGER_GITHUB_API_TOKEN/DANGER_GITLAB_API_TOKEN/DANGER_GITLAB_API_OAUTH_TOKEN/DANGER_BITBUCKETCLOUD_OAUTH_KEY/DANGER_BITBUCKETCLOUD_USERNAME set up, this is optional, but TBH, you want to do this."
+        "     You don't have a DANGER_GITHUB_API_TOKEN/DANGER_GITLAB_API_TOKEN/DANGER_GITLAB_API_OAUTH_TOKEN/DANGER_BITBUCKETCLOUD_OAUTH_KEY/DANGER_BITBUCKETCLOUD_USERNAME/DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN set up, this is optional, but TBH, you want to do this."
       )
       log("     Check out: http://danger.systems/js/guides/the_dangerfile.html#working-on-your-dangerfile")
       log("")

source/platforms/bitbucket_cloud/BitBucketCloudAPI.ts

@@ -21,7 +21,7 @@ import { RepoMetaData } from "../../dsl/RepoMetaData"
 export type BitBucketCloudCredentials = {
   /** Unique ID for this user, must be wrapped with brackets */
   uuid?: string
-} & (BitBucketCloudCredentialsOAuth | BitBucketCloudCredentialsPassword)
+} & (BitBucketCloudCredentialsOAuth | BitBucketCloudCredentialsPassword | BitBucketCloudCredentialsRepoAccessToken)
 
 interface BitBucketCloudCredentialsOAuth {
   type: "OAUTH"
@@ -35,6 +35,11 @@ interface BitBucketCloudCredentialsPassword {
   password: string
 }
 
+interface BitBucketCloudCredentialsRepoAccessToken {
+  type: "REPO_ACCESS_TOKEN"
+  accessToken: string
+}
+
 export function bitbucketCloudCredentialsFromEnv(env: Env): BitBucketCloudCredentials {
   const uuid: string | undefined = env["DANGER_BITBUCKETCLOUD_UUID"]
   if (uuid != null && uuid.length > 0) {
@@ -64,7 +69,17 @@ export function bitbucketCloudCredentialsFromEnv(env: Env): BitBucketCloudCreden
       uuid,
     }
   }
-  throw new Error(`Either DANGER_BITBUCKETCLOUD_OAUTH_KEY or DANGER_BITBUCKETCLOUD_USERNAME is not set`)
+
+  if (env["DANGER_BITBUCKETCLOUD_REPOSITORY_ACCESSTOKEN"]) {
+    return {
+      type: "REPO_ACCESS_TOKEN",
+      accessToken: env["DANGER_BITBUCKETCLOUD_REPOSITORY_ACCESSTOKEN"],
+    }
+  }
+
+  throw new Error(
+    `Either DANGER_BITBUCKETCLOUD_OAUTH_KEY, DANGER_BITBUCKETCLOUD_USERNAME or DANGER_BITBUCKETCLOUD_REPOSITORY_ACCESSTOKEN is not set`
+  )
 }
 
 export class BitBucketCloudAPI implements BitBucketCloudAPIDSL {
@@ -316,6 +331,8 @@ export class BitBucketCloudAPI implements BitBucketCloudAPIDSL {
       headers["Authorization"] = `Basic ${Buffer.from(
         this.credentials.username + ":" + this.credentials.password
       ).toString("base64")}`
+    } else if (this.credentials.type === "REPO_ACCESS_TOKEN") {
+      headers["Authorization"] = `Bearer ${this.credentials.accessToken}`
     } else {
       if (this.accessToken == null) {
         this.d(`accessToken not found, trying to get from ${this.oauthURL}.`)

source/platforms/platform.ts

@@ -120,6 +120,7 @@ export function getPlatformForEnv(env: Env, source: CISource): Platform {
   if (
     env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] ||
     env["DANGER_BITBUCKETCLOUD_USERNAME"] ||
+    env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"] ||
     env["DANGER_PR_PLATFORM"] === BitBucketCloud.name
   ) {
     const api = new BitBucketCloudAPI(

source/runner/Executor.ts

@@ -315,7 +315,11 @@ export class Executor {
         let comment
         if (process.env["DANGER_BITBUCKETSERVER_HOST"]) {
           comment = bitbucketServerTemplate(dangerID, mergedResults, commitID)
-        } else if (process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] || process.env["DANGER_BITBUCKETCLOUD_USERNAME"]) {
+        } else if (
+          process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] ||
+          process.env["DANGER_BITBUCKETCLOUD_USERNAME"] ||
+          process.env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+        ) {
           comment = bitbucketCloudTemplate(dangerID, mergedResults, commitID)
         } else {
           comment = githubResultsTemplate(dangerID, mergedResults, commitID)

source/runner/jsonToDSL.ts

@@ -45,7 +45,11 @@ export const jsonToDSL = async (dsl: DangerDSLJSONType, source: CISource): Promi
     git = await localPlatform.getPlatformGitRepresentation()
   } else if (process.env["DANGER_BITBUCKETSERVER_HOST"]) {
     git = bitBucketServerGitDSL(bitbucket_server!, dsl.git, api as BitBucketServerAPI)
-  } else if (process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] || process.env["DANGER_BITBUCKETCLOUD_USERNAME"]) {
+  } else if (
+    process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] ||
+    process.env["DANGER_BITBUCKETCLOUD_USERNAME"] ||
+    process.env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+  ) {
     git = bitBucketCloudGitDSL(bitbucket_cloud!, dsl.git, api as BitBucketCloudAPI)
   } else if (process.env["DANGER_GITLAB_API_TOKEN"] || process.env["DANGER_GITLAB_API_OAUTH_TOKEN"]) {
     git = gitLabGitDSL(gitlab!, dsl.git, api as GitLabAPI)
@@ -74,7 +78,11 @@ const apiForDSL = (dsl: DangerDSLJSONType): Octokit | BitBucketServerAPI | GitLa
     return new BitBucketServerAPI(dsl.bitbucket_server!.metadata, bitbucketServerRepoCredentialsFromEnv(process.env))
   }
 
-  if (process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] || process.env["DANGER_BITBUCKETCLOUD_USERNAME"]) {
+  if (
+    process.env["DANGER_BITBUCKETCLOUD_OAUTH_KEY"] ||
+    process.env["DANGER_BITBUCKETCLOUD_USERNAME"] ||
+    process.env["DANGER_BITBUCKETCLOUD_REPO_ACCESSTOKEN"]
+  ) {
     return new BitBucketCloudAPI(dsl.bitbucket_cloud!.metadata, bitbucketCloudCredentialsFromEnv(process.env))
   }