Build repositories from Bitbucket Server in a private network

Cloud Build enables you to create triggers to build from repositories hosted on Bitbucket Server, allowing you to execute builds in response to events such as commit pushes or pull requests associated with your Bitbucket Server repository.

This page explains how you can enable trigger functionality on a Bitbucket Server instance if your instance is hosted in a private network.

Before you begin

  • Enable the Cloud Build, Secret Manager, Compute Engine, and Service Networking APIs.

  • If you have not created a private pool, follow the instructions in Create and manage private pools to create a private pool. You will need a private pool to build in a private network.

Building repositories from Bitbucket Server in a private network

If your Bitbucket Server instance is hosted in a private network and not reachable over a public internet connection, you must create a private connection between your VPC network and the service producer network. You also need a private pool to build in a private network.

To create a Bitbucket Server trigger to build in a private network:

  1. Create a private connection between the VPC network and your service producer network by completing the following steps:

    1. Create a new VPC network or select an existing VPC network.

    2. Allocate a named IP range in the VPC network for your peered network.

    3. Allocate an internal IP range in the VPC that the Cloud Build producer network can use to allocate to VMs maintaining a connection with private repositories.

      To use the VPC network with Cloud Build, your prefix length must be /23 or lower, such as /22, /21, etc. A lower prefix length means a larger address range.

      You can specify the range using Classless Inter-Domain Routing (CIDR) notation in the format STARTING_IP/SUBNET_PREFIX_SIZE. For example, 192.0.2.0/24 has a prefix length of 24. The first 24 bits of the address form the network prefix (192.0.2.0), while the possible host addresses range from 192.0.2.0 to 192.0.2.255. This example only illustrates the notation: a /24 range does not meet the /23-or-lower requirement above.

    4. Establish a VPC network private connection between your VPC network and Google Cloud. To learn more, see Creating a private connection.

    5. If you have DNS configured for your Bitbucket Server instance, you need to manually peer your DNS zone to our service provider. To learn more, see Sharing private DNS zones with service producers.

    6. [OPTIONAL] If you do not want to create a private connection from your Cloud project, you can set up a Shared VPC and have your Cloud project use that network instead if your project is part of an organization. You will still need the Shared VPC to be peered to the network.

  2. Use private pools to run your builds. If you have not created a private pool, see create a new private pool.

  3. Connect a Bitbucket Server host.

  4. Connect a Bitbucket Server repository.

  5. Create a Bitbucket Server trigger to build repositories hosted on a Bitbucket Server instance.
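For the range allocation in step 1.3 above, a pre-flight check can catch an unusable range before you request it. The following is an added example, not Google's code: the function name, the RFC 1918 restriction, the no-overlap rule and the sample subnets are assumptions of this example, while the /23 limit comes from this page.

```python
import ipaddress

MAX_PREFIX_LEN = 23  # from the page: prefix length must be /23 or lower

# Assumption of this example: "internal" means inside an RFC 1918 block.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_allocated_range(cidr, existing_subnets=()):
    """Return a list of problems with a proposed range; an empty list means OK."""
    try:
        # strict=True rejects a STARTING_IP with host bits set, e.g. 10.8.1.0/22
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        return [f"not a valid CIDR block: {exc}"]
    if net.version != 4:
        return ["this check handles IPv4 ranges only"]

    problems = []
    if net.prefixlen > MAX_PREFIX_LEN:
        problems.append(f"/{net.prefixlen} is too small; use /{MAX_PREFIX_LEN} or lower")
    if not any(net.subnet_of(block) for block in RFC1918):
        problems.append("not inside an RFC 1918 private block")
    # Assumption: the allocated range must not overlap subnets already in the VPC.
    for other in map(ipaddress.ip_network, existing_subnets):
        if net.overlaps(other):
            problems.append(f"overlaps existing subnet {other}")
    return problems


# Constructed sample data, not taken from any real project.
EXISTING_SUBNETS = ["10.128.0.0/20", "10.8.0.0/24"]

if __name__ == "__main__":
    for candidate in ("10.16.0.0/22", "192.0.2.0/24", "10.8.0.0/22", "10.8.1.0/22"):
        issues = check_allocated_range(candidate, EXISTING_SUBNETS)
        print(candidate, "OK" if not issues else issues)
```

The page's notation example, 192.0.2.0/24, fails this check twice: the prefix is longer than /23 and the block is a documentation range, not a private one.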

Your Bitbucket Server trigger will now automatically invoke builds on your Bitbucket Server instance based on your configuration. To learn how to run builds using a private pool, see Running builds in a private pool.
