Digcs 1 migrate bibucket to GitHub

[erioluwa-asiru]

Description

This PR adds a comprehensive guide for migrating projects from Bitbucket to GitHub. The guide provides step-by-step instructions to help users successfully migrate their repositories while maintaining their project history and structure.

Added docs pages

• Migrate Project from Bitbucket to GitHub (/guides/all/migrate-project-from-bibucket-to-github)

Updated docs pages

• No existing pages were updated

Summary

The new guide covers the complete migration process including:

• Pre-migration preparation and checklist
• Step-by-step migration instructions
• Post-migration verification steps
• Common issues and troubleshooting tips

This addresses the need for clear documentation on migrating between Git hosting platforms, making it easier for Port users to transition their projects from Bitbucket to GitHub.

[aws-amplify-eu-west-1]

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-2744.d2ngvl90zqbob8.amplifyapp.com

[sivanel97]

Hi, left some comments on the PR :)

[sivanel97]

The title of the page should be more specific in regards to what the guide does.

[sivanel97]

No need to number the headers :)

[sivanel97]

All headers should have a capital letter only for the first word. The rest of the sentence will be in lowercase letters. For example: "Promote scorecards". Unless one of them is a well known product such as Lambda, Kubernetes, ArgoCD, etc.

[sivanel97]

Please number the line like so:
And if the code is long put it in a collapsible as well. Same for the rest of the code snippets

Suggested change

	```json
	<details>
	<summary><b>Port port-app-config.yml (click to expand)</b></summary>
	```json showLineNumbers
	...
	</details>

[sivanel97]

Please add links to the relevant pages like so:

Suggested change

	1. From the **Builder Page**, select **Data sources**
	1. From the [Builder](https://app.getport.io/settings/data-model) page, select [data sources](https://app.getport.io/settings/data-sources).

[sivanel97]

I don't really see the purpose of this line, Is it suppose to be the header? :)

I suggest using the CONTRIBUTING.md file either with Cursor or ChatGPT to make sure the change is compatible with the docs standards.

You also need to add the guide to the /src/components/guides-section/consts.js so it appears in the guides section.

[hadar-co]

All guides should have this so that the sidebar isn't displayed when reading them

Suggested change

	# Migrate repositories from Bitbucket to GitHub using Port self-service actions
	---
	displayed_sidebar: null
	---
	# Migrate repositories from Bitbucket to GitHub using Port self-service actions

[hadar-co]

no need for this divider between headers, please remove

[hadar-co]

fix

[hadar-co]

same here, fix this "d."

[hadar-co]

again, remove divider (and all other dividers)

[hadar-co]

Suggested change

	## Scorecards (in the blueprints)
	## Scorecards

[hadar-co]

Suggested change

	## What’s Next
	## What’s next?

[hadar-co]

Suggested change

	## Setting up the GitHub and Bitbucket integrations on Port
	## Set up the GitHub and Bitbucket integrations

[hadar-co]

many of the headers in the page are not aligned to the structure we use in guides. Please see other guides and use the same structure, we wouldn't want each guide to look different

[qodo-merge-pro]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Secret exposure via CLI Description: The workflow clones Bitbucket repositories using BB_USERNAME and BB_PASSWORD embedded in the URL, which risks secret leakage via process lists, logs, or command history; use a credential helper or authenticated remote without echoing secrets. migrate-project-from-bibucket-to-github.md [586-621] Referred Code - name: Inform Port about migration start uses: port-labs/port-github-action@v1 with: clientId: ${{ secrets.PORT_CLIENT_ID }} clientSecret: ${{ secrets.PORT_CLIENT_SECRET }} operation: PATCH_RUN runId: ${{ fromJson(inputs.port_context).run_id }} logMessage: "Starting Bitbucket → GitHub repository migration... 🚀" # 3) Loop over each repository, create on GitHub, mirror from Bitbucket - name: Migrate repositories id: migrate_repos run: | echo "Authenticating with GitHub..." gh auth status # Track successful migrations successful_repos=() REPOS_JSON='${{ inputs.repositories }}' echo "Raw input: $REPOS_JSON" ... (clipped 15 lines)
	Sensitive information exposure Description: Logging "Starting Bitbucket → GitHub repository migration... 🚀" and raw inputs may unintentionally expose values (e.g., repositories JSON) to public logs if the repo/workflow runs in a public context; ensure inputs and logs avoid sensitive data. migrate-project-from-bibucket-to-github.md [589-595] Referred Code clientId: ${{ secrets.PORT_CLIENT_ID }} clientSecret: ${{ secrets.PORT_CLIENT_SECRET }} operation: PATCH_RUN runId: ${{ fromJson(inputs.port_context).run_id }} logMessage: "Starting Bitbucket → GitHub repository migration... 🚀" # 3) Loop over each repository, create on GitHub, mirror from Bitbucket
	Injection via metadata Description: Upserting repository properties to Port includes user-controlled fields like description which, if not sanitized server-side, could allow injection into downstream systems; verify server-side validation and escaping in Port ingestion. migrate-project-from-bibucket-to-github.md [748-756] Referred Code clientId: ${{ secrets.PORT_CLIENT_ID }} clientSecret: ${{ secrets.PORT_CLIENT_SECRET }} operation: UPSERT_ENTITY blueprint: ${{ matrix.repo.blueprint }} identifier: ${{ matrix.repo.identifier }} title: ${{ matrix.repo.title }} properties: ${{ toJSON(matrix.repo.properties) }} relations: ${{ toJSON(matrix.repo.relations) }}
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed
🔴	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Weak error handling: The workflow continues on failures (clone/create) using 'continue' without aggregating or reporting per-repo errors back to Port with actionable context, risking silent or partial failures. Referred Code echo "Cloning ${REPO_NAME} from Bitbucket project '${PROJECT}'..." git clone --mirror "https://${BB_USERNAME}:${BB_PASSWORD}@bitbucket.org/${PROJECT}/${REPO_NAME}.git" if [ $? -ne 0 ]; then echo "Failed to clone Bitbucket repository: ${REPO_NAME}" echo "::endgroup::" continue fi cd "${REPO_NAME}.git" # 3a) Create GitHub repository echo "Creating GitHub repo ${REPO_NAME}..." gh repo create "${GITHUB_ORG}/${REPO_NAME}" --${{ inputs.visibility }} --push --source . if [ $? -ne 0 ]; then echo "Failed to create GitHub repository: ${REPO_NAME}" echo "::endgroup::" continue fi # # 3b) Mirror from Bitbucket to GitHub # echo "Cloning ${REPO_NAME} from Bitbucket project '${PROJECT}'..." ... (clipped 29 lines)
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Audit coverage unclear: The guide and workflow describe migration steps but do not clearly ensure all critical actions and outcomes are consistently logged with user identity and timestamps beyond Port PATCH_RUN logs. Referred Code # This workflow is used to migrate a Bitbucket repository to GitHub repository # The repository is cloned from Bitbucket and pushed to GitHub even when the repository does not exist on GitHub # The workflow is triggered when a new repository is created in Bitbucket name: Migrate Bitbucket Repositories to GitHub on: workflow_dispatch: inputs: repositories: description: "JSON array of objects, each with 'name', 'workspace', and 'project'" required: true type: string visibility: description: "Repository visibility (public, private, internal)" required: true type: string default: private port_context: description: "JSON string with blueprint, run_id, etc. from Port." required: true ... (clipped 178 lines)
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Possible typos: New guide link and tags use mixed casing and a likely typo in path 'migrate-project-from-bibucket-to-github' and tag/logo 'BitBucket' which may be intentional branding but could reduce clarity. Referred Code title: "Migrate repositories from Bitbucket to GitHub", description: "Migrate repositories from Bitbucket to GitHub using Port self-service actions and GitHub Actions", tags: [ "BitBucket", "GitHub", "Actions", "Scorecards"], logos: ["BitBucket", "GitHub"], link: "/guides/all/migrate-project-from-bibucket-to-github",
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Secrets exposure risk: The workflow echoes inputs and statuses (e.g., printing raw repositories JSON and gh auth status); ensure these cannot include sensitive data and that secrets are never printed to logs. Referred Code echo "Authenticating with GitHub..." gh auth status # Track successful migrations successful_repos=() REPOS_JSON='${{ inputs.repositories }}' echo "Raw input: $REPOS_JSON" for row in $(echo "$REPOS_JSON" | jq -rc '.[]'); do
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Input validation gaps: The workflow trusts 'repositories' and 'visibility' inputs without explicit validation beyond types; additional checks (allowed visibility values, name sanitization) may be needed before shell use. Referred Code workflow_dispatch: inputs: repositories: description: "JSON array of objects, each with 'name', 'workspace', and 'project'" required: true type: string visibility: description: "Repository visibility (public, private, internal)" required: true type: string default: private port_context: description: "JSON string with blueprint, run_id, etc. from Port." required: true type: string jobs: migrate-bitbucket-repos: runs-on: ubuntu-latest steps: # 1) Inform Port that migration is starting ... (clipped 91 lines)

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label