Bitbucket Pipelines

Snyk integrates with Bitbucket Pipelines using a Snyk pipe, seamlessly scanning your application dependencies and Docker images for security vulnerabilities as part of the continuous integration/continuous delivery (CI/CD) workflow.
​Bitbucket Pipes enables users to customize and automate a Bitbucket Pipeline CI/CD workflow with a group of ready-to-use tasks that can be added inside of your pipelines by copying and pasting them from the Bitbucket interface.
With the Snyk pipe, you can quickly add Snyk scanning to your pipelines to test and monitor for vulnerabilities at different points of the CI/CD workflow, based on your configurations. Results are then displayed in the Bitbucket Pipelines output view and can also be monitored on the Snyk Web UI.
Snyk pipe information in Bitbucket
From the build directory, Bitbucket Pipelines displays a list of available pipes customized for you, similar to the list in the following screenshot:
Bitbucket Pipelines list of available pipes
On this list, find and click Snyk to view the pipe, examples, parameters, and values:
Snyk Scan pipe information
Setup and use details
For setup and use details, see the following pages:
​Language support for Bitbucket Pipelines integration​
​Bitbucket Pipelines integration: how it works​
​Prerequisites for Bitbucket Pipelines integration​
​Configure your Bitbucket Pipelines integration​
​How to add a Snyk pipe​
​Snyk pipe parameters and values (Bitbucket Cloud)​
​Example of a Snyk pipe for Docker​
​Example of a Snyk pipe for npm​

Simple example of a Snyk task to test a container image

Language support for Bitbucket Pipelines integration

Last modified 5d ago