feat(tools/bitbucket): add initial Bitbucket bridge#739
Conversation
|
@potiuk , I have opened an initial PR for the Bitbucket bridge. This PR keeps the scope intentionally read-only and focuses on the foundation: Could you please specifically check whether:
I kept write operations out of this PR so the bridge stays safe and reviewable as a starting point. Thanks! |
|
Hi @potiuk I ran the Magpie review skill locally and addressed the main feedback before pushing the latest changes. I clarified the Bitbucket bridge scope as an initial read-only foundation rather than a complete tracker/change-request backend, added safer HTTP handling, pagination for Bitbucket Cloud and Data Center PR listing, clearer normalized read-only capability metadata, sandbox/egress allowlist updates, and aligned the docs across the adapter registry, capability list, vendor-neutrality page, and spec-loop adapter spec.
|
5ddee3d to
2dc82eb
Compare
potiuk
left a comment
There was a problem hiding this comment.
Really nice first cut of a Bitbucket bridge — strong security posture (HTTPS enforced via _require_https; the NoAuthRedirectHandler that stops Authorization leaking across a redirect; every URL path segment quote(..., safe="")-escaped; no subprocess/SQL), deterministic output (json.dumps(sort_keys=True)), Apache headers on every file, and genuinely good test coverage (URL construction, Cloud next + DC nextPageStart pagination, auth-scheme validation, normalization, CLI dispatch for both backends). Registry sync is complete (labels doc, workspace member, adapter/spec docs, egress + sandbox allowlists).
Heads-up: a maintainer (me) rebased this onto current main and force-pushed — it was behind the commits that landed today. As part of the rebase I regenerated uv.lock to a minimal, bitbucket-only add: the branch's lockfile had drifted — it dropped the [options] exclude-newer-span = "P7D" cooldown block and bumped ~9 unrelated deps. The regenerated lock preserves the 7-day cooldown (per AGENTS.md → Local setup) and touches nothing but the magpie-bitbucket member. I also approved the workflow run, so CI is now green (37/37). Please pull the rebased branch before pushing further so the drift doesn't come back.
Two things to sort before this can merge:
-
Capability label vs. what the tool implements. The README declares
**Capability:** contract:change-request, but also says it is "not a completecontract:change-requestbackend yet", andnormalize.pylabels outputpartial-change-request. It also reads repository metadata (acontract:source-controlsurface) without declaring that contract. Could you confirmcontract:change-requestis the intended "foundation" label for an admittedly-partial backend — the honest partial framing is fine if that's the call — and addcontract:source-controlif the repo-metadata reads are meant to be a supported surface? -
Where does the token persistently live? Auth arrives via
BITBUCKET_TOKEN/BITBUCKET_CLOUD_USERenv vars injected by the caller (good — nothing is committed in-tree), but AGENTS.md → Local setup requires persistent tokens to live under~/.config/apache-magpie/<tool>. Add a one-line pointer in the README's Configuration section so adopters don't stash it in the project tree.
Happy to re-review once those are addressed.
|
Summary
tools/bitbucketbridge for Bitbucket Cloud and Bitbucket Data Center so Magpie can start supporting Bitbucket-backed forge/change-request workflows.Type of change
.claude/skills/<name>/) — eval fixtures updated belowtools/<system>/*.md)tools/*/withpyproject.toml)docs/,README.md,CONTRIBUTING.md)projects/_template/)prek, workflows, validators)Test plan
prek run --all-filespassesuv run pytest/ruff check/mypypasses(
PYTHONPATH=tools/skill-evals/src python3 -m skill_evals.runner tools/skill-evals/evals/<skill>/)(a regression test for the bug fixed / the behaviour added — see CONTRIBUTING.md)
PYTHONPATH=src uv run pytest tests/test_bitbucket.pyRFC-AI-0004 compliance
<PROJECT>,<tracker>,<upstream>,<security-list>) used in all skill / tool prose (thecheck-placeholdersprek hook is the mechanical gate)Linked issues
Refs #606
Notes for reviewers (optional)
This PR intentionally keeps the Bitbucket bridge read-only. It establishes the package structure, CLI, config/auth handling, Cloud/Data Center API split, normalization layer, tests, workspace registration, and docs updates.
Follow-up PRs can extend this bridge with Bitbucket Issues, linked Jira handoff, PR comment/review/approve/decline/merge operations, branch permissions, and Pipelines status reads.