Skip to main content

Bitbucket pipelines


GitGuardian CI/CD integration with Bitbucket pipeline is performed through our CLI application gg-shield. gg-shield is a wrapper around GitGuardian API for secrets detection that requires an API key to work.

⚠ Bitbucket pipelines do not support commit ranges therefore only your latest commit in a pushed group or in a new branch will be scanned.


Bitbucket pipeline output


  1. Create an API key within the API section of your GitGuardian workspace.
  2. Add this API key to the GITGUARDIAN_API_KEY environment variable in your project settings.

Bitbucket pipelines env

  1. Add a new step using gg-shield to your Bitbucket repository's pipeline.
stages:  - scanning
🦉 gitguardian scan:  image: gitguardian/ggshield:latest  stage: scanning  script: ggshield scan ci

You may be interested in using GitGuardian's Bitbucket integration to ensure full coverage of your Bitbucket repositories as well as full git history scans and reporting.