Comment on page
Bitbucket Pipelines integration using a Snyk pipe
Snyk integrates with Bitbucket Pipelines using a Snyk pipe, seamlessly scanning your application dependencies and Docker images for security vulnerabilities as part of the continuous integration/continuous delivery (CI/CD) workflow.
Bitbucket Pipes enables users to customize and automate a Bitbucket Pipeline CI/CD workflow with a group of ready-to-use tasks that can be added inside of your pipelines by copying and pasting them from the Bitbucket interface.
With the Snyk pipe, you can quickly add Snyk scanning to your pipelines to test and monitor for vulnerabilities at different points of the CI/CD workflow, based on your configurations. Results are then displayed in the Bitbucket Pipelines output view and can also be monitored on the Snyk Web UI.
From the build directory, Bitbucket Pipelines displays a list of available pipes customized for you, similar to the list in the following screenshot:
Bitbucket Pipelines list of available pipes
On this list, find and click Snyk to view the pipe, examples, parameters, and values:
Snyk Scan pipe information
For setup and use details, see the following pages: