Bitbucket
Learn how to integrate OpenText Core SCA with Bitbucket.
With CI integration to Bitbucket you can upload your latest commits and pull requests to OpenText Core SCA automatically, or whenever you run your pipeline.
Integrate a single repository
Start by generating an access token. Copy the token so that you can use it in the next step.
Configure your DEBRICKED_TOKEN by going to your repository -> Repository settings -> Repository variables.
Paste in the access token from the previous step. Make sure to secure the token, so that it does not show in the logs.
Go to your repository and add the following template to your "bitbucket-pipelines.yml" file (if the file doesn't exist, create one):
export: true
image:
name: atlassian/default-image:2
definitions:
pipelines:
debricked-scan: &debricked-scan
- step:
name: "Debricked Scan"
script:
- curl -LsS https://github.com/debricked/cli/releases/download/release-v2/cli_linux_x86_64.tar.gz | tar -xz debricked
- ./debricked scan
services:
- docker
pipelines:
default:
- <<: *debricked-scan
Commit your changes to "bitbucket-pipelines.yml" and watch the CI run.
Example output:
For more information on Bitbucket Pipes, please visit https://bitbucket.org/product/features/pipelines
Integrate multiple repositories
Note that this functionality is only available on the Bitbucket Premium plan.
Integrating many repositories with one configuration using Bitbucket can greatly simplify the process of managing and deploying code across multiple projects.
You can set this up with shared pipeline configurations:
Step 1: Create a Workspace variable
To avoid having to add the DEBRICKED_TOKEN to every integrated repository, it is possible to share the Debricked token between repositories. In order to enable this, you need to create a Workspace variable. Note: This can only be done by administrators:
Sign in to your organization.
From your profile avatar, select a workspace.
Click the Settings cog on the top navigation bar.
Click Workspace settings from the Settings drop-down menu.
In the menu on the left, go to Pipelines > Workspace variables.
Add your token to a secured variable called DEBRICKED_TOKEN.
Step 2: Create a repository for the shared pipeline definition
Set up a repository within your workspace for the shared pipeline definition:
Create a new repository in your workspace or enter an already existing one.
Create a "bitbucket pipelines yaml" file and paste the Debricked template contents. By default, the template sets up scanning in this repository as well. It is, however, possible to deactivate this, by removing or commenting out the bottom pipelines definition (rows 17-19):
export: true
image:
name: atlassian/default-image:2
definitions:
pipelines:
debricked-scan: &debricked-scan
- step:
name: "Debricked Scan"
script:
- curl -LsS https://github.com/debricked/cli/releases/download/release-v2/cli_linux_x86_64.tar.gz | tar -xz debricked
- ./debricked scan
services:
- docker
pipelines:
default:
- <<: *debricked-scan
Step 3: Set up a reference to the shared pipeline definition in the required repositories
The final step is to set up the reference template for all repositories you would like to integrate with Debricked.
Create a "bitbucket pipelines yaml" file in the repository that will reference the shared pipeline definition and paste the contents below.
Adjust the references to point to the repository and branch containing the file created in step 2:
pipelines:
default:
running-debricked-scan:
import: <repository_name>:<branch_name>:debricked-scanLast updated
Was this helpful?