To configure CI secret scanning for Bitbucket, you will need to create two pipeline variables and create or add to your yaml pipeline script.
Note: This CI integration supports scanning of pull requests.
Create Variables:
The following two pipeline variables need to be created whether you are creating a new pipeline or using an existing pipeline:
Name: BLUBRACKET_INTEGRATION_KEY
Value: Create a BluBracket Integration API token
Steps to create a BluBracket API token:
https://support.blubracket.com/hc/en-us/articles/4403018405140-Event-and-Alert-APIs
Name: BLUBRACKET_CI_CD_API
Value: https://[your BluBracket tenant name]/api/analyzer/commit/scan
Example: https://acme.blubracket.com/api/analyzer/commit/scan
Pipeline Script:
The following should be added to your pipeline script:
pipelines: pull-requests: '**': - step: name: 'Run BluBracket Secret Scan' image: blubracket/ci-cd-scan:latest script: - echo "Running BluBracket Secret scan" - export SYSTEM_PULLREQUEST_PULLREQUESTNUMBER=$BITBUCKET_PR_ID - export BLUBRACKET_CI_CD_TOKEN=$BLUBRACKET_INTEGRATION_KEY - export BUILD_REPOSITORY_URI=$BITBUCKET_GIT_HTTP_ORIGIN - env - cd / - entrypoint.sh
Comments
0 comments
Please sign in to leave a comment.