Skip to main content

Overview

This document shows how to use the CodeAnt Quality Gates pipe in your Bitbucket pipelines. Reference Repository: quality-gates-codeant

Prerequisites

Before using the pipe, configure these repository variables in Repository Settings → Pipelines → Repository variables:
  • BITBUCKET_ACCESS_TOKEN - Your Bitbucket access token (App password or repository access token)

Basic Usage

Example 1: Run Quality Gates on Every Push

image: atlassian/default-image:3

pipelines:
  default:
    - step:
        name: CodeAnt Quality Gate Scan
        script:
          - pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
            variables:
              ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN

Example 2: Run Quality Gates on Pull Requests Only

image: atlassian/default-image:3

pipelines:
  pull-requests:
    '**':
      - step:
          name: CodeAnt Quality Gate Scan
          script:
            - pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
              variables:
                ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN
                API_BASE: "https://api.codeant.ai"
                TIMEOUT: "300"
                POLL_INTERVAL: "15"

Example 3: Run Quality Gates with Custom Configuration

image: atlassian/default-image:3

pipelines:
  branches:
    main:
      - step:
          name: Build Application
          script:
            - echo "Building application..."
            - npm install
            - npm run build

      - step:
          name: CodeAnt Quality Gate Scan
          script:
            - pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
              variables:
                ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN
                API_BASE: "https://api.codeant.ai"
                TIMEOUT: "600"
                POLL_INTERVAL: "20"

Example 4: Multi-Stage Pipeline with Quality Gates

image: atlassian/default-image:3

pipelines:
  branches:
    main:
      - parallel:
          - step:
              name: Run Tests
              script:
                - npm install
                - npm test

          - step:
              name: CodeAnt Quality Gate Scan
              script:
                - pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
                  variables:
                    ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN

      - step:
          name: Deploy to Production
          deployment: production
          script:
            - echo "Deploying to production..."
            - ./deploy.sh

Example 5: Quality Gates with Debug Mode

image: atlassian/default-image:3

pipelines:
  custom:
    debug-scan:
      - step:
          name: CodeAnt Quality Gate Scan (Debug)
          script:
            - pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
              variables:
                ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN
                API_BASE: "https://api.codeant.ai"
                DEBUG: "true"

Configuration Variables

VariableRequiredDefaultDescription
ACCESS_TOKENYes-CodeAnt access token for authentication
API_BASENohttps://api.codeant.aiBase URL for CodeAnt API
TIMEOUTNo300Maximum time in seconds to wait for results
POLL_INTERVALNo15Time in seconds between polling attempts
DEBUGNofalseEnable debug mode for verbose logging

How It Works

  1. The pipe fetches the quality gates script from the CodeAnt API
  2. It initiates a quality gate scan for your repository and commit
  3. It polls for results until the scan completes or times out
  4. If secrets or issues are detected, the pipeline fails
  5. If the quality gate passes, the pipeline continues

Execution Time Considerations

⏱️ Performance Options:
  • Default behavior (with result waiting): ~5-7 minutes
    • Triggers scan and waits for complete analysis results
    • Provides immediate feedback on secrets and security issues
    • Best for comprehensive CI/CD pipelines where you need instant validation
  • Custom timeout settings: Adjust based on repository size
    • Use TIMEOUT: "600" (10 minutes) for larger repositories
    • Use POLL_INTERVAL: "20" to reduce API polling frequency
    • Results can also be viewed in the CodeAnt dashboard
Tip: For faster PR checks on larger repositories, increase the timeout to avoid premature pipeline failures while the scan completes.

Troubleshooting

Pipeline Fails Immediately

Issue: Pipeline fails with “ACCESS_TOKEN is required but not set” Solution: Ensure you’ve set BITBUCKET_ACCESS_TOKEN in your repository variables.

Pipeline Times Out

Issue: Pipeline times out waiting for results Solution: Increase the TIMEOUT variable: 
- pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
  variables:
    ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN
    TIMEOUT: "600"  # 10 minutes

Connection Issues

Issue: Cannot connect to CodeAnt API Solution: Verify the API_BASE URL and check if you need to use a custom endpoint: 
- pipe: docker://public.ecr.aws/d2p9q4a9/quality-gates:latest
  variables:
    ACCESS_TOKEN: $BITBUCKET_ACCESS_TOKEN
    API_BASE: "https://api.codeant.ai"

Support

License

MIT License - see LICENSE file for details
I