SupportSnyk LearnAPI referenceProduct updatesSign up for free

Bitbucket Server/Data Center - install and configure using Docker

Before installing, review the prerequisites and the general instructions for installation using Docker.

This integration is useful to ensure a secure connection with your on-premise Bitbucket deployment.

This page describes two distinct authentication schemes: Basic Auth and Bearer (Personal Access Token). Your Bitbucket Server settings might preclude Basic Auth usage, in which case Bearer Auth is preferred.

Configure Broker to be used with Bitbucket using Basic Auth

The following explains how to configure Snyk Broker to use the Broker Client with a Bitbucket Server deployment.

To use the Snyk Broker Client with BitBucket, run docker pull snyk/broker:bitbucket-server. Refer to BitBucket Server/Data Center - environment variables for Snyk Broker for definitions of the environment variables.

If necessary, go to the Advanced configuration page and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Bitbucket instance is using a private certificate, and setting up proxy support.

Docker run command to set up a Broker Client for Bitbucket using Basic Auth

Copy the following command to set up a fully configured Broker Client to analyze Open Source, IaC, Container, Code files, and Snyk Essentials information. Enable Snyk Essentials to identify your application assets, monitor them, and prioritize the risks.

Multi-tenant settings for regions When installing, you must add a command in your script to set the BROKER_SERVER_URL.This is the URL of the Broker server for the region where your data is hosted. For the commands and URLs to use, see Broker URLs.

docker run --restart=always \
           -p 8000:8000 \
           -e BROKER_TOKEN=<secret-broker-token> \
           -e BROKER_SERVER_URL=<broker-region-url> \
           -e BITBUCKET_USERNAME=<username> \
           -e BITBUCKET_PASSWORD=<password> \
           -e BITBUCKET=<your.bitbucket-server.domain.com (no http/s)> \
           -e BITBUCKET_API=<your.bitbucket-server.domain.com/rest/api/1.0 (no http/s)> \
           -e PORT=8000 \
           -e BROKER_CLIENT_URL=<http://broker.url.example:8000 (dns/IP:port)> \
           -e ACCEPT_IAC=tf,yaml,yml,json,tpl \
           -e ACCEPT_CODE=true \
           -e ACCEPT_Essentials=true \
       snyk/broker:bitbucket-server

Snyk Essentials is set by default to false. Enable it by setting the flag to true.

Configure Broker to be used with Bitbucket using a Personal Access Token (PAT)

The following explains how to configure Snyk Broker to use the Broker Client with a Bitbucket Server deployment using a Personal Access Token (PAT).

To use the Snyk Broker Client with BitBucket, run docker pull snyk/broker:bitbucket-server-bearer-auth. For definitions of the environment variables, refer to Bitbucket Server/Data Center - environment variables for Snyk Broker Basic Auth and Bitbucket Server/Data Center - environment variables for Snyk Broker Personal Access Token (PAT).

If necessary, go to the Advanced configuration page and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Bitbucket instance is using a private certificate, and setting up proxy support.

Docker run command to set up a Broker Client for Bitbucket using a PAT

Copy the following command to set up a fully configured Broker Client to analyze Open Source, IaC, Container, Code files, and Snyk Essentials information. Enable Snyk Essentials to identify your application assets, monitor them, and prioritize the risks.

docker run --restart=always \
           -p 8000:8000 \
           -e BROKER_TOKEN=<secret-broker-token> \
           -e BITBUCKET_PAT=<personal-access-token> \
           -e BITBUCKET=<your.bitbucket-server.domain.com (no http/s)> \
           -e BITBUCKET_API=<your.bitbucket-server.domain.com/rest/api/1.0 (no http/s)> \
           -e PORT=8000 \
           -e BROKER_CLIENT_URL=<http://broker.url.example:8000 (dns/IP:port)> \
           -e ACCEPT_IAC=tf,yaml,yml,json,tpl \
           -e ACCEPT_CODE=true \
           -e ACCEPT_Essentials=true \
       snyk/broker:bitbucket-server-bearer-auth

Snyk Essentials is set by default to false. Enable it by setting the flag to true.

Start the Broker Client container and verify the connection with Bitbucket

Paste the Broker Client configuration to start the Broker Client container.

Once the container is up, the Bitbucket Integrations page shows the connection to Bitbucket and you can Add Projects

Basic troubleshooting for Broker with BitBucket

  • Run docker logs <container id> to look for any errors, where container id is the Bitbucket Broker container ID.

  • Ensure relevant ports are exposed to Bitbucket.

PreviousBitbucket Server/Data Center - prerequisites and steps to install and configure BrokerNextBitbucket Server/Data Center - install and configure using Helm

Last updated

Was this helpful?