Migrating to Bitbucket Pipelines v1.0.0
When you are upgrading from < 1.0.0 to 1.0.0+, make the following changes in your configuration:
Use tags supported by Snyk images for the
LANGUAGE
variable instead of tags supported by Snyk CLI Docker images.Alternatively, you can provide your own custom image using the new
SNYK_BASE_IMAGE
variable
Basic app dependencies scan example
This example uses Snyk to scan a Node.js application and break the build if any vulnerabilities are found.
Equivalent Snyk images
The table that follows lists the Snyk CLI Docker images used in Bitbucket Pipelines < 1.0.0 and the equivalent Snyk images that can be used in Bitbucket Pipelines > 1.0.0.
Node.js 14 is installed in all Snyk CLI Docker images for the purpose of installing the CLI. In comparison, NodeJS is installed only in Snyk images containing the node
tag.
Note that the images will not be exactly like-for-like. Properties, including the base image, the installed Snyk CLI version, and others, will be different.
However, for the purpose of Bitbucket Pipelines, they are functionally equivalent.
Where the supported language or framework has reached end of life, it is highly recommended that you use your own user-defined custom images with newer versions of the language or framework that are still supported by the vendor.
Last updated