Skip to main content
Skip table of contents

Configure and Enable Developer Platform for Bitbucket Cloud

This document assumes you have read the following documents:

Mend Platform Rollout Overview
Cloud Repository Rollout
Setting up the Mend UI for the Develop Platform Integration

Please read those documents prior to continuing

Setting Up the Mend Integration

The repository integration can be onboarded either silently or by pushing a configuration file into the repository for Mend to scan. This section will go over the implementation of both approaches.

Silent Rollout

Starting off with alerts can be disruptive for development teams that are not ready for the integration. A Silent Rollout allows an organization to scan all their repositories in order to understand their security posture without overwhelming their developers.

Once you are ready follow the documentation to Install Developer Platform for Bitbucket Cloud

  • When prompted to active on repositories select “All Repositories”

  • Select “Scan Only” Scan Behavior

  • Click “Confirm”

Phased Rollout

Mend Developer Platform for Bitbucket Cloud is configured through the user interface available developer.mend.io. Since this interface allows you to toggle various Mend features either globally or locally to that repo, it is given access to all the repositories of an entire workspace. To prevent a “Big Bang” where all developers suddenly have Mend results in their repositories each section should be followed in order for a smooth rollout process.

Create a Test Repository

It is important to do this prior to installing the Mend Developer Platform. After installation, there is a 6-8 hour sync of new repositories that can only be bypassed by removing and reinstalling the Mend Developer Platform.

To reduce noise, before the integration is installed create a test repository copying code from one of your own in-house repositories. This repository will be used to test and verify the integration settings before adding additional repositories.

Once you are ready follow the documentation to Install Developer Platform for Bitbucket Cloud

  • Make sure the integration only has access to the test repository created above by selecting “Only Selected Repositories”

  • Search for the Repository you wish to onboard

    • Do not give app access to other repositories yet

  • Select “Scan and alert” Scan Behavior

  • Click “Confirm”

You will see all of your repositories within the Developer Platform. However since “Only Selected Repositories” was used, all settings should be off globally and only the test repositories should have enabled settings.

Next Steps

Modify your result consumption settings by following: Enable Results Consumption for Developer Platform for Bitbucket Cloud

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close