GitGuardian CI/CD integration with Bitbucket pipeline is performed through our CLI application gg-shield. gg-shield is a wrapper around GitGuardian API for secrets detection that requires an API key to work.
⚠ Bitbucket pipelines do not support commit ranges therefore only your latest commit in a pushed group or in a new branch will be scanned.
- Create an API key within the API section of your GitGuardian workspace.
- Add this API key to the
GITGUARDIAN_API_KEYenvironment variable in your project settings.
- Add a new step using gg-shield to your Bitbucket repository's pipeline.
stages: - scanning 🦉 gitguardian scan: image: gitguardian/ggshield:latest stage: scanning script: ggshield scan ci
You may be interested in using GitGuardian's Bitbucket integration to ensure full coverage of your Bitbucket repositories as well as full git history scans and reporting.