{"meta":{"title":"Migrating from Bitbucket Pipelines with GitHub Actions Importer","intro":"Learn how to use GitHub Actions Importer to automate the migration of your Bitbucket pipelines to GitHub Actions.","product":"GitHub Actions","breadcrumbs":[{"href":"/en/actions","title":"GitHub Actions"},{"href":"/en/actions/tutorials","title":"Tutorials"},{"href":"/en/actions/tutorials/migrate-to-github-actions","title":"Migrate to GitHub Actions"},{"href":"/en/actions/tutorials/migrate-to-github-actions/automated-migrations","title":"Automated migrations"},{"href":"/en/actions/tutorials/migrate-to-github-actions/automated-migrations/bitbucket-pipelines-migration","title":"Bitbucket Pipelines migration"}],"documentType":"article"},"body":"# Migrating from Bitbucket Pipelines with GitHub Actions Importer\n\nLearn how to use GitHub Actions Importer to automate the migration of your Bitbucket pipelines to GitHub Actions.\n\n## About migrating from Bitbucket Pipelines with GitHub Actions Importer\n\nThe instructions below will guide you through configuring your environment to use GitHub Actions Importer to migrate Bitbucket Pipelines to GitHub Actions.\n\n### Prerequisites\n\n* An environment where you can run Linux-based containers, and can install the necessary tools.\n * Docker is [installed](https://docs.docker.com/get-docker/) and running.\n\n * [GitHub CLI](https://cli.github.com) is installed.\n > \\[!NOTE]\n > The GitHub Actions Importer container and CLI do not need to be installed on the same server as your CI platform.\n\n### Limitations\n\nThere are some limitations when migrating from Bitbucket Pipelines to GitHub Actions with GitHub Actions Importer.\n\n* Images in a private AWS ECR are not supported.\n* The Bitbucket Pipelines option `size` is not supported. If additional runner resources are required in GitHub Actions, consider using larger runners. For more information, see [Using larger runners](/en/actions/using-github-hosted-runners/about-larger-runners).\n* Metrics detailing the queue time of jobs is not supported by the `forecast` command.\n* Bitbucket [after-scripts](https://support.atlassian.com/bitbucket-cloud/docs/step-options/#After-script) are supported using GitHub Actions `always()` in combination with checking the `steps..conclusion` of the previous step. For more information, see [Contexts reference](/en/actions/learn-github-actions/contexts#steps-context).\n\n The following is an example of using the `always()` with `steps..conclusion`.\n\n ```yaml\n - name: After Script 1\n run: |-\n echo \"I'm after the script ran!\"\n echo \"We should be grouped!\"\n id: after-script-1\n if: \"${{ always() }}\"\n - name: After Script 2\n run: |-\n echo \"this is really the end\"\n echo \"goodbye, for now!\"\n id: after-script-2\n if: \"${{ steps.after-script-1.conclusion == 'success' && always() }}\"\n ```\n\n### Manual tasks\n\nCertain Bitbucket Pipelines constructs must be migrated manually. These include:\n\n* Secured repository, workspace, and deployment variables\n* SSH keys\n\n## Installing the GitHub Actions Importer CLI extension\n\n1. Install the GitHub Actions Importer CLI extension:\n\n ```bash copy\n gh extension install github/gh-actions-importer\n ```\n\n2. Verify that the extension is installed:\n\n ```bash\n $ gh actions-importer -h\n Options:\n -?, -h, --help Show help and usage information\n\n Commands:\n update Update to the latest version of GitHub Actions Importer.\n version Display the version of GitHub Actions Importer.\n configure Start an interactive prompt to configure credentials used to authenticate with your CI server(s).\n audit Plan your CI/CD migration by analyzing your current CI/CD footprint.\n forecast Forecast GitHub Actions usage from historical pipeline utilization.\n dry-run Convert a pipeline to a GitHub Actions workflow and output its yaml file.\n migrate Convert a pipeline to a GitHub Actions workflow and open a pull request with the changes.\n ```\n\n## Configuring credentials\n\nThe `configure` CLI command is used to set required credentials and options for GitHub Actions Importer when working with Bitbucket Pipelines and GitHub.\n\n1. Create a GitHub personal access token (classic). For more information, see [Managing your personal access tokens](/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic).\n\n Your token must have the `workflow` scope.\n\n After creating the token, copy it and save it in a safe location for later use.\n\n2. Create a Workspace Access Token for Bitbucket Pipelines. For more information, see [Workspace Access Token permissions](https://support.atlassian.com/bitbucket-cloud/docs/workspace-access-token-permissions/) in the Bitbucket documentation. Your token must have the `read` scope for pipelines, projects, and repositories.\n\n3. In your terminal, run the GitHub Actions Importer `configure` CLI command:\n\n ```shell\n gh actions-importer configure\n ```\n\n The `configure` command will prompt you for the following information:\n\n * For \"Which CI providers are you configuring?\", use the arrow keys to select `Bitbucket`, press Space to select it, then press Enter.\n * For \"Personal access token for GitHub\", enter the value of the personal access token (classic) that you created earlier, and press Enter.\n * For \"Base url of the GitHub instance\", press Enter to accept the default value (`https://github.com`).\n * For \"Personal access token for Bitbucket\", enter the Workspace Access Token that you created earlier, and press Enter.\n * For \"Base url of the Bitbucket instance\", enter the URL for your Bitbucket instance, and press Enter.\n\n An example of the `configure` command is shown below:\n\n ```shell\n $ gh actions-importer configure\n ✔ Which CI providers are you configuring?: Bitbucket\n Enter the following values (leave empty to omit):\n ✔ Personal access token for GitHub: ***************\n ✔ Base url of the GitHub instance: https://github.com\n ✔ Personal access token for Bitbucket: ********************\n ✔ Base url of the Bitbucket instance: https://bitbucket.example.com\n Environment variables successfully updated.\n ```\n\n4. In your terminal, run the GitHub Actions Importer `update` CLI command to connect to GitHub Packages Container registry and ensure that the container image is updated to the latest version:\n\n ```shell\n gh actions-importer update\n ```\n\n The output of the command should be similar to below:\n\n ```shell\n Updating ghcr.io/actions-importer/cli:latest...\n ghcr.io/actions-importer/cli:latest up-to-date\n ```\n\n## Perform an audit of the Bitbucket instance\n\nYou can use the audit command to get a high-level view of pipelines in a Bitbucket instance.\n\nThe audit command performs the following steps.\n\n1. Fetches all of the pipelines for a workspace.\n2. Converts pipeline to its equivalent GitHub Actions workflow.\n3. Generates a report that summarizes how complete and complex of a migration is possible with GitHub Actions Importer.\n\n### Running the audit command\n\nTo perform an audit run the following command in your terminal, replacing `:workspace` with the name of the Bitbucket workspace to audit.\n\n```bash\ngh actions-importer audit bitbucket --workspace :workspace --output-dir tmp/audit\n```\n\nOptionally, a `--project-key` option can be provided to the audit command to limit the results to only pipelines associated with a project.\n\nIn the below example command `:project_key` should be replaced with the key of the project that should be audited. Project keys can be found in Bitbucket on the workspace projects page.\n\n```bash\ngh actions-importer audit bitbucket --workspace :workspace --project-key :project_key --output-dir tmp/audit\n```\n\n### Inspecting the audit results\n\nThe files in the specified output directory contain the results of the audit. See the `audit_summary.md` file for a summary of the audit results.\n\nThe audit summary has the following sections.\n\n#### Pipelines\n\nThe \"Pipelines\" section contains a high-level statistics regarding the conversion rate done by GitHub Actions Importer.\n\nListed below are some key terms that can appear in the \"Pipelines\" section:\n\n* **Successful** pipelines had 100% of the pipeline constructs and individual items converted automatically to their GitHub Actions equivalent.\n* **Partially successful** pipelines had all of the pipeline constructs converted, however, there were some individual items that were not converted automatically to their GitHub Actions equivalent.\n* **Unsupported** pipelines are definition types that are not supported by GitHub Actions Importer.\n* **Failed** pipelines encountered a fatal error when being converted. This can occur for one of three reasons:\n * The pipeline was originally misconfigured and not valid.\n * GitHub Actions Importer encountered an internal error when converting it.\n * There was an unsuccessful network response that caused the pipeline to be inaccessible, which is often due to invalid credentials.\n\n#### Build steps\n\nThe \"Build steps\" section contains an overview of individual build steps that are used across all pipelines, and how many were automatically converted by GitHub Actions Importer.\n\nListed below are some key terms that can appear in the \"Build steps\" section:\n\n* A **known** build step is a step that was automatically converted to an equivalent action.\n* An **unknown** build step is a step that was not automatically converted to an equivalent action.\n* An **unsupported** build step is a step that is either:\n * Fundamentally not supported by GitHub Actions.\n * Configured in a way that is incompatible with GitHub Actions.\n* An **action** is a list of the actions that were used in the converted workflows. This can be important for:\n * If you use GitHub Enterprise Server, gathering the list of actions to sync to your instance.\n * Defining an organization-level allowlist of actions that are used. This list of actions is a comprehensive list of actions that your security or compliance teams may need to review.\n\n#### Manual tasks\n\nThe \"Manual tasks\" section contains an overview of tasks that GitHub Actions Importer is not able to complete automatically, and that you must complete manually.\n\nListed below are some key terms that can appear in the \"Manual tasks\" section:\n\n* A **secret** is a repository or organization-level secret that is used in the converted pipelines. These secrets must be created manually in GitHub Actions for these pipelines to function properly. For more information, see [Using secrets in GitHub Actions](/en/actions/security-guides/using-secrets-in-github-actions).\n* A **self-hosted runner** refers to a label of a runner that is referenced in a converted pipeline that is not a GitHub-hosted runner. You will need to manually define these runners for these pipelines to function properly.\n\n#### Files\n\nThe final section of the audit report provides a manifest of all the files that were written to disk during the audit.\n\nEach pipeline file has a variety of files included in the audit, including:\n\n* The original pipeline as it was defined in GitHub.\n* Any network responses used to convert the pipeline.\n* The converted workflow file.\n* Stack traces that can be used to troubleshoot a failed pipeline conversion.\n\nAdditionally, the `workflow_usage.csv` file contains a comma-separated list of all actions, secrets, and runners that are used by each successfully converted pipeline. This can be useful for determining which workflows use which actions, secrets, or runners, and can be useful for performing security reviews.\n\n## Forecasting usage\n\nYou can use the `forecast` command to forecast potential GitHub Actions usage by computing metrics from completed pipeline runs in your Bitbucket instance.\n\n### Running the forecast command\n\nTo perform a forecast of potential GitHub Actions usage, run the following command in your terminal, replacing `:workspace` with the name of the Bitbucket workspace to forecast. By default, GitHub Actions Importer includes the previous seven days in the forecast report.\n\n```shell\ngh actions-importer forecast bitbucket --workspace :workspace --output-dir tmp/forecast_reports\n```\n\n### Forecasting a project\n\nTo limit the forecast to a project, you can use the `--project-key` option. Replace the value for the `:project_key` with the project key for the project to forecast.\n\n```shell\ngh actions-importer forecast bitbucket --workspace :workspace --project-key :project_key --output-dir tmp/forecast_reports\n```\n\n### Inspecting the forecast report\n\nThe `forecast_report.md` file in the specified output directory contains the results of the forecast.\n\nListed below are some key terms that can appear in the forecast report:\n\n* The **job count** is the total number of completed jobs.\n* The **pipeline count** is the number of unique pipelines used.\n* **Execution time** describes the amount of time a runner spent on a job. This metric can be used to help plan for the cost of GitHub-hosted runners.\n * This metric is correlated to how much you should expect to spend in GitHub Actions. This will vary depending on the hardware used for these minutes. You can use the [GitHub Actions pricing calculator](https://github.com/pricing/calculator) to estimate the costs.\n* **Concurrent jobs** metrics describe the amount of jobs running at any given time.\n\n## Performing a dry-run migration\n\nYou can use the dry-run command to convert a Bitbucket pipeline to an equivalent GitHub Actions workflow(s). A dry-run creates the output files in a specified directory, but does not open a pull request to migrate the pipeline.\n\n### Running the dry-run command\n\nTo perform a dry run of migrating a Bitbucket pipeline to GitHub Actions, run the following command in your terminal, replacing `:workspace` with the name of the workspace and `:repo` with the name of the repository in Bitbucket.\n\n```bash\ngh actions-importer dry-run bitbucket --workspace :workspace --repository :repo --output-dir tmp/dry-run\n```\n\n### Inspecting the converted workflows\n\nYou can view the logs of the dry run and the converted workflow files in the specified output directory.\n\nIf there is anything that GitHub Actions Importer was not able to convert automatically, such as unknown build steps or a partially successful pipeline, you might want to create custom transformers to further customize the conversion process. For more information, see [Extending GitHub Actions Importer with custom transformers](/en/actions/migrating-to-github-actions/automated-migrations/extending-github-actions-importer-with-custom-transformers).\n\n## Performing a production migration\n\nYou can use the migrate command to convert a Bitbucket pipeline and open a pull request with the equivalent GitHub Actions workflow(s).\n\n### Running the migrate command\n\nTo migrate a Bitbucket pipeline to GitHub Actions, run the following command in your terminal, replacing the following values.\n\n* Replace `target-url` value with the URL for your GitHub repository.\n* Replace `:repo` with the name of the repository in Bitbucket.\n* Replace `:workspace` with the name of the workspace.\n\n```bash\ngh actions-importer migrate bitbucket --workspace :workspace --repository :repo --target-url https://github.com/:owner/:repo --output-dir tmp/dry-run\n```\n\nThe command's output includes the URL of the pull request that adds the converted workflow to your repository. An example of a successful output is similar to the following:\n\n```bash\ngh actions-importer migrate bitbucket --workspace actions-importer --repository custom-trigger --target-url https://github.com/valet-dev-testing/demo-private --output-dir tmp/bitbucket\n[2023-07-18 09:56:06] Logs: 'tmp/bitbucket/log/valet-20230718-165606.log'\n[2023-07-18 09:56:24] Pull request: 'https://github.com/valet-dev-testing/demo-private/pull/55'\n```\n\n### Inspecting the pull request\n\nThe output from a successful run of the `migrate` command contains a link to the new pull request that adds the converted workflow to your repository.\n\nSome important elements of the pull request include:\n\n* In the pull request description, a section called **Manual steps**, which lists steps that you must manually complete before you can finish migrating your pipelines to GitHub Actions. For example, this section might tell you to create any secrets used in your workflows.\n* The converted workflows file. Select the **Files changed** tab in the pull request to view the workflow file that will be added to your GitHub repository.\n\nWhen you are finished inspecting the pull request, you can merge it to add the workflow to your GitHub repository.\n\n## Reference\n\nThis section contains reference information on environment variables, optional arguments, and supported syntax when using GitHub Actions Importer to migrate from Bitbucket Pipelines.\n\n### Using environment variables\n\nGitHub Actions Importer uses environment variables for its authentication configuration. These variables are set when following the configuration process using the `configure` command. For more information, see the [Configuring credentials](#configuring-credentials) section.\n\nGitHub Actions Importer uses the following environment variables to connect to your Bitbucket instance.\n\n* `GITHUB_ACCESS_TOKEN`: The personal access token (classic) used to create pull requests with a transformed workflow (requires `repo` and `workflow` scopes).\n* `GITHUB_INSTANCE_URL`: The url to the target GitHub instance. (e.g. `https://github.com`)\n* `BITBUCKET_ACCESS_TOKEN`: The workspace access token with read scopes for pipeline, project, and repository.\n\nThese environment variables can be specified in a `.env.local` file that will be loaded by GitHub Actions Importer at run time. The distribution archive contains a `.env.local.template` file that can be used to create these files.\n\n### Optional arguments\n\nThere are optional arguments you can use with the GitHub Actions Importer subcommands to customize your migration.\n\n#### `--source-file-path`\n\nYou can use the `--source-file-path` argument with the `dry-run` or `migrate` subcommands.\n\nBy default, GitHub Actions Importer fetches pipeline contents from the Bitbucket instance. The `--source-file-path` argument tells GitHub Actions Importer to use the specified source file path instead.\n\nFor example:\n\n```bash\ngh actions-importer dry-run bitbucket --workspace :workspace --repository :repo --output-dir tmp/dry-run --source-file-path path/to/my/pipeline/file.yml\n```\n\n#### `--config-file-path`\n\nYou can use the `--config-file-path` argument with the `audit`, `dry-run`, and `migrate` subcommands.\n\nBy default, GitHub Actions Importer fetches pipeline contents from the Bitbucket instance. The `--config-file-path` argument tells GitHub Actions Importer to use the specified source files instead.\n\n### Audit example\n\nIn this example, GitHub Actions Importer uses the specified YAML configuration file to perform an audit.\n\n```bash\ngh actions-importer audit bitbucket --workspace :workspace --output-dir tmp/audit --config-file-path \"path/to/my/bitbucket/config.yml\"\n```\n\nTo audit a Bitbucket instance using a config file, the config file must be in the following format, and each `repository_slug` must be unique:\n\n```yaml\nsource_files:\n - repository_slug: repo_name\n path: path/to/one/source/file.yml\n - repository_slug: another_repo_name\n path: path/to/another/source/file.yml\n```\n\n## Supported syntax for Bitbucket Pipelines\n\nThe following table shows the type of properties that GitHub Actions Importer is currently able to convert.\n\n| Bitbucket | GitHub Actions | Status |\n| :------------------------ | :---------------------------------------------- | ----------: |\n| `after-script` | `jobs..steps[*]` | Supported |\n| `artifacts` | `actions/upload-artifact` & `download-artifact` | Supported |\n| `caches` | `actions/cache` | Supported |\n| `clone` | `actions/checkout` | Supported |\n| `condition` | `job..steps[*].run` | Supported |\n| `deployment` | `jobs..environment` | Supported |\n| `image` | `jobs..container` | Supported |\n| `max-time` | `jobs..steps[*].timeout-minutes` | Supported |\n| `options.docker` | None | Supported |\n| `options.max-time` | `jobs..steps[*].timeout-minutes` | Supported |\n| `parallel` | `jobs.` | Supported |\n| `pipelines.branches` | `on.push` | Supported |\n| `pipelines.custom` | `on.workflow_dispatch` | Supported |\n| `pipelines.default` | `on.push` | Supported |\n| `pipelines.pull-requests` | `on.pull_requests` | Supported |\n| `pipelines.tags` | `on.tags` | Supported |\n| `runs-on` | `jobs..runs-on` | Supported |\n| `script` | `job..steps[*].run` | Supported |\n| `services` | `jobs..service` | Supported |\n| `stage` | `jobs.` | Supported |\n| `step` | `jobs..steps[*]` | Supported |\n| `trigger` | `on.workflow_dispatch` | Supported |\n| `fail-fast` | None | Unsupported |\n| `oidc` | None | Unsupported |\n| `options.size` | None | Unsupported |\n| `size` | None | Unsupported |\n\n### Environment variable mapping\n\nGitHub Actions Importer uses the mapping in the table below to convert default Bitbucket environment variables to the closest equivalent in GitHub Actions.\n\n| Bitbucket | GitHub Actions |\n| :-------------------------------------- | :---------------------------------------------------------- |\n| `CI` | `true` |\n| `BITBUCKET_BUILD_NUMBER` | `${{ github.run_number }}` |\n| `BITBUCKET_CLONE_DIR` | `${{ github.workspace }}` |\n| `BITBUCKET_COMMIT` | `${{ github.sha }}` |\n| `BITBUCKET_WORKSPACE` | `${{ github.repository_owner }}` |\n| `BITBUCKET_REPO_SLUG` | `${{ github.repository }}` |\n| `BITBUCKET_REPO_UUID` | `${{ github.repository_id }}` |\n| `BITBUCKET_REPO_FULL_NAME` | `${{ github.repository_owner }}`/`${{ github.repository }}` |\n| `BITBUCKET_BRANCH` | `${{ github.ref }}` |\n| `BITBUCKET_TAG` | `${{ github.ref }}` |\n| `BITBUCKET_PR_ID` | `${{ github.event.pull_request.number }}` |\n| `BITBUCKET_PR_DESTINATION_BRANCH` | `${{ github.event.pull_request.base.ref }}` |\n| `BITBUCKET_GIT_HTTP_ORIGIN` | `${{ github.event.repository.clone_url }}` |\n| `BITBUCKET_GIT_SSH_ORIGIN` | `${{ github.event.repository.ssh_url }}` |\n| `BITBUCKET_EXIT_CODE` | `${{ job.status }}` |\n| `BITBUCKET_STEP_UUID` | `${{ job.github_job }}` |\n| `BITBUCKET_PIPELINE_UUID` | `${{ github.workflow }}` |\n| `BITBUCKET_PROJECT_KEY` | `${{ github.repository_owner }}` |\n| `BITBUCKET_PROJECT_UUID` | `${{ github.repository_owner }}` |\n| `BITBUCKET_STEP_TRIGGERER_UUID` | `${{ github.actor_id }}` |\n| `BITBUCKET_SSH_KEY_FILE` | `${{ github.workspace }}/.ssh/id_rsa` |\n| `BITBUCKET_STEP_OIDC_TOKEN` | No Mapping |\n| `BITBUCKET_DEPLOYMENT_ENVIRONMENT` | No Mapping |\n| `BITBUCKET_DEPLOYMENT_ENVIRONMENT_UUID` | No Mapping |\n| `BITBUCKET_BOOKMARK` | No Mapping |\n| `BITBUCKET_PARALLEL_STEP` | No Mapping |\n| `BITBUCKET_PARALLEL_STEP_COUNT` | No Mapping |\n\n### System Variables\n\nSystem variables used in tasks are transformed to the equivalent bash shell variable and are assumed to be available. For example, `${system.}` will be transformed to `$variable_name`. We recommend you verify this to ensure proper operation of the workflow.\n\n## Legal notice\n\nPortions have been adapted from under the MIT license:\n\n```text\nMIT License\n\nCopyright (c) 2022 GitHub\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```"}