Skip to main content
Skip table of contents

Bitbucket Pipeline

Note: As of June 1st, 2023, the Bitbucket Pipeline native integration is deprecated and no longer supported by Mend. For help with implementing alternative options, please reach out to your Mend Customer Success Manager:

Overview

Pipeline is an integrated CI/CD solution for Bitbucket Cloud. You can simplify and configure common actions in your pipeline, using pipes. Mend's pipe contains the Unified Agent.

NOTE: Before you begin, make sure that the relevant package manager is installed. For details, see Overview of the Unified Agent.

YAML Definitions

Add the following snippet to the script section of your bitbucket-pipelines.yml file:

CODE 
- pipe: WhiteSourceSoftware/whitesource-scan:1.5.0
  variables:
CODE 
    # API_KEY: '<string>'             # Optional
    # DIRECTORY: '<string>'           # Optional
    # CONFIG_FILE_PATH: '<string>'    # Optional
    # COMMANDS_FILE_PATH: '<string>'  # Optional
    # UA_JAVA_OPS: '<string>'         # Optional

Variables

Variable

Usage

Required

Default

API_KEY

Mend Organization Account API Key.

false

ApiKey found in config file

CONFIG_FILE_PATH

Unified Agent Configuration File location.

A relative path should be provided. Alternatively, a URL to the configuration file can be provided using one of the the following protocols: 'ftp://', 'http://', 'https://'.

false

'./wss-unified-agent.config'

DIRECTORY

Project to Scan Directory. Can contain multiple directories separated by commas.

false

'.'

COMMANDS_FILE_PATH

Path to the required bash commands in case any customization is required in the generic orb. Add packages to update and install, environment variables etc.

false

'./install-commands.sh'

UA_JAVA_OPTS

Options for the Java command executing the Unified Agent's JAR

false

Variables are optional, If the value is not supplied, the Mend Scanner will use the default value.

Details

The Mend Unified-Agent configuration file should be downloaded to a project. The configuration file path including the file name should be set in the 'config file path' variable.
More details for configuration file parameters can be found in the Unified Agent Configuration File & Parameters page.

You have the option to view the logs, and then navigate to the Mend GUI. The URL for the scan result link is indicated in the logs.

You can view the compliance and security data for the project that was scanned on Mend GUI (Web interface).

Starting with whitesource-scan version 1.3.0, if the Unified Agent fails inside the pipeline (meaning the Unified Agent's exit code is not 0), the pipe fails with the same exit code as the Unified Agent.

Prerequisites

  • Active Mend account with access to the GUI, and permissions to run Mend Unified Agent.

  • Active Bitbucket cloud account with one or more repositories.

Examples

Basic Example

CODE 
script:
  - pipe: WhiteSourceSoftware/whitesource-scan:1.5.0

Advanced Example

CODE 
script:
  - pipe: WhiteSourceSoftware/whitesource-scan:1.5.0
    variables:
        API_KEY: $API_KEY
        DIRECTORY: '.'
        CONFIG_FILE_PATH: './someFolder/wss-unified-agent.config'
        COMMANDS_FILE_PATH: './someFolder/install-commands.sh
        UA_JAVA_OPTS: '-Xms512m -Xmx1024m'

More Examples

Additional examples for CI/CD pipelines can be found at https://github.com/mend-toolkit/mend-examples/tree/main/CI-CD .  

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close