A job to approve Pull Requests from Renovate Bot on Bitbucket Cloud. This enables you to require Pull Request approvals on your repository while also utilising Renovate's "automerge" feature.
For Github, see renovatebot/renovate-approve-bot.
On each run, the bot will:
- Get all the open PRs from the Renovate Bot user
- Filter out PRs where "automerge" is disabled
- Approve the "automerge" PRs
Create a Bitbucket Cloud account for the renovate-approve-bot and add it to your team (Recommended)
Create an App password with
scope -
Grant read access on your repositories to the renovate-approve-bot account
Optionally, add the renovate-approve-bot account to the default reviewers if you require approval from default reviewers
Set the environment variables:
: Bitbucket username associated with the account used for renovate-approve-botBITBUCKET_PASSWORD
: Bitbucket App password created in step 2BITBUCKET_WORKSPACE
: Bitbucket workspace in which PR's will be searched for and approvedRENOVATE_BOT_USER
: Bitbucket username of your Renovate Bot
Run the bot (on a schedule similarly to Renovate Bot, e.g. as a Cron job):
With Docker:
docker run --rm \ --env BITBUCKET_USERNAME \ --env BITBUCKET_PASSWORD \ --env BITBUCKET_WORKSPACE \ --env RENOVATE_BOT_USER \ ghcr.io/renovatebot/renovate-approve-bot-bitbucket-cloud:latest
From source:
npm install --production node ./index.js
Example to run renovate-approve-bot in a custom Bitbucket Pipeline on a schedule:
to your repository variables -
Create a custom pipeline in your
filepipelines: custom: renovate-approve-bot: - step: name: Renovate Approve Bot image: ghcr.io/renovatebot/renovate-approve-bot-bitbucket-cloud:latest script: - export RENOVATE_BOT_USER=your-renovate-bot-user - node /opt/app/index.js
Create a schedule for the custom pipeline (e.g. Hourly)
If you discover any important bug with renovate-approve-bot-bitbucket-cloud
that may pose a security problem, please disclose it confidentially to renovate-disclosure@whitesourcesoftware.com first, so that it can be assessed and hopefully fixed prior to being exploited.
Please do not raise GitHub issues for security-related doubts or problems.