Migrating to Bitbucket Pipelines v1.0.0
When upgrading from Bitbucket Pipelines < 1.0.0 to v1.0.0+, there are some changes to note
Changes required
When upgrading from < 1.0.0 to 1.0.0+, the following changes should be made to your configuration:
Please use tags supported by Snyk Images for the
LANGUAGEvariable instead of tags supported by Snyk CLI Docker imagesAlternately, users can provide their own custom image using the new
SNYK_BASE_IMAGEvariable
Example
Basic app dependencies scan example
Uses Snyk to scan a Node.js application and break the build if any vulnerabilities found.
Equivalent Snyk Images
The table below lists the Snyk CLI Docker images used in Bitbucket Pipelines < 1.0.0 and the equivalent Snyk Images that can be used in Bitbucket Pipelines > 1.0.0.
NodeJS 14 is installed in all Snyk CLI Docker images for the purpose of installing the CLI. In comparison, NodeJS is only installed Snyk Images containing the node tag
Note that the images will not be exactly like-for-like. Properties like the base image, the installed Snyk CLI version, etc will be different.
But for the purpose of Bitbucket Pipelines, they are functionally equivalent.
Where the supported language/framework has reached EOL, it is highly recommended to use your own user defined custom images with newer versions of the language/framework that is still supported by the vendor.
Snyk CLI Docker images tag | Snyk Images tag |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* | |
no direct equivalent* |
* There are a selection of gradle Snyk Images which may suit your needs
Last updated