A job to approve Pull Requests from Renovate Bot on Bitbucket Cloud. This enables you to require Pull Request approvals on your repository while also utilising Renovate's "automerge" feature.
For GitHub, see renovatebot/renovate-approve-bot.
On each run, the bot will:
- Get all the open PRs from the Renovate Bot user
- Filter out PRs where "automerge" is disabled
- Approve the "automerge" PRs
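
The selection steps listed above, as an added example that is not this project's code. It assumes pull request objects shaped like Bitbucket Cloud API 2.0 responses and that Renovate marks automerge PRs with `**Automerge**: Enabled` in the description; `selectApprovable`, `approvableIds` and the sample UUIDs are hypothetical. The author is matched on account UUID so that a look-alike display name does not earn an approval.

```javascript
// Added example with hypothetical names; the PR objects are constructed sample
// data shaped like Bitbucket Cloud API 2.0 pull request entries.

// Assumption: Renovate puts this marker in the PR description when automerge is on.
const AUTOMERGE_MARKER = '**Automerge**: Enabled';

const RENOVATE_UUID = '{11111111-1111-1111-1111-111111111111}'; // constructed
const APPROVER_UUID = '{22222222-2222-2222-2222-222222222222}'; // constructed
const OTHER_UUID = '{33333333-3333-3333-3333-333333333333}'; // constructed

// Keep only the PRs the approver account should approve on this run.
function selectApprovable(prs, renovateUuid, approverUuid) {
  return prs.filter((pr) => {
    if (pr.state !== 'OPEN') return false;
    // Identify the author by account UUID: display names are user-editable.
    if (!pr.author || pr.author.uuid !== renovateUuid) return false;
    const body = (pr.summary && pr.summary.raw) || '';
    if (!body.includes(AUTOMERGE_MARKER)) return false;
    // Skip PRs this account has already approved so reruns stay idempotent.
    const mine = (pr.participants || []).find(
      (p) => p.user && p.user.uuid === approverUuid
    );
    return !(mine && mine.approved);
  });
}

const bot = { uuid: RENOVATE_UUID, display_name: 'Renovate Bot' };
const SAMPLE_PRS = [
  { id: 1, state: 'OPEN', author: bot, participants: [],
    summary: { raw: '🚦 **Automerge**: Enabled.' } },
  { id: 2, state: 'OPEN', author: bot, participants: [],
    summary: { raw: '🚦 **Automerge**: Disabled by config.' } },
  // Human-authored PR with a look-alike display name and a pasted marker.
  { id: 3, state: 'OPEN', participants: [],
    author: { uuid: OTHER_UUID, display_name: 'Renovate Bot' },
    summary: { raw: '🚦 **Automerge**: Enabled.' } },
  { id: 4, state: 'OPEN', author: bot,
    participants: [{ user: { uuid: APPROVER_UUID }, approved: true }],
    summary: { raw: '🚦 **Automerge**: Enabled.' } },
  { id: 5, state: 'MERGED', author: bot, participants: [],
    summary: { raw: '🚦 **Automerge**: Enabled.' } },
];

function approvableIds() {
  return selectApprovable(SAMPLE_PRS, RENOVATE_UUID, APPROVER_UUID).map((pr) => pr.id);
}

console.log(approvableIds());
```
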
1. Create a Bitbucket Cloud account for the renovate-approve-bot and add it to your team (Recommended)
2. Create an App password with `pullrequest:write` scope
3. Grant read access on your repositories to the renovate-approve-bot account
4. Optionally, add the renovate-approve-bot account to the default reviewers if you require approval from default reviewers
5. Set the environment variables:
   - `BITBUCKET_USERNAME`: Bitbucket username associated with the account used for renovate-approve-bot
   - `BITBUCKET_PASSWORD`: Bitbucket App password created in step 2
   - `RENOVATE_BOT_USER`: Bitbucket username of your Renovate Bot
6. Run the bot (on a schedule similarly to Renovate Bot, e.g. as a Cron job):
   - With Docker:

     ```sh
     docker run --rm \
       --env BITBUCKET_USERNAME \
       --env BITBUCKET_PASSWORD \
       --env RENOVATE_BOT_USER \
       ghcr.io/renovatebot/renovate-approve-bot-bitbucket-cloud:latest
     ```

   - From source:

     ```sh
     npm install --production
     node ./index.js
     ```

Example to run renovate-approve-bot in a custom Bitbucket Pipeline on a schedule:

1. Add `BITBUCKET_USERNAME` and `BITBUCKET_PASSWORD` to your repository variables
2. Create a custom pipeline in your `bitbucket-pipelines.yml` file

   ```yaml
   pipelines:
     custom:
       renovate-approve-bot:
         - step:
             name: Renovate Approve Bot
             image: ghcr.io/renovatebot/renovate-approve-bot-bitbucket-cloud:latest
             script:
               - export RENOVATE_BOT_USER=your-renovate-bot-user
               - node /opt/app/index.js
   ```

3. Create a schedule for the custom pipeline (e.g. Hourly)

If you discover any important bug with `renovate-approve-bot-bitbucket-cloud` that may pose a security problem, please disclose it confidentially to [email protected] first, so that it can be assessed and hopefully fixed prior to being exploited.
Please do not raise GitHub issues for security-related doubts or problems.