Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket Pipes Digest: March 2025

Last updated: March 28, 2025

Pipes monthly digest March 2025


Hi,

Welcome to the next Bitbucket Pipes digest. This month comes packed with additions to Pipes. Don’t forget to subscribe (click Watch and select Articles)!

New pipes

atlassian/slack-attach-file

atlassian/slack-attach-file:0.1.1

Attach file to Slack.

Slack is organized spaces called channels — a different one for everything you’re working on. With all the people, messages and files related to a topic in one place, you can move a lot faster.

One of the most common operation a developer needs to do with Slack is sending a file to a channel which functionality is covered by this pipe.

 
script:
  - pipe: atlassian/slack-attach-file:0.1.1
    variables:
      TOKEN: $TOKEN
      FILEPATH: "./my_file.txt"
      CHANNEL_ID: "C0NF841BK"
      INITIAL_COMMENT: "my file comment"

 

blackduck-inc/blackduck-security-scan

blackduck-inc/blackduck-security-scan:0.0.1

Black Duck Security Scan pipe allows you to integrate Static Analysis Security Testing (SAST) and Software Composition Analysis (SCA) into your CI/CD pipelines.

It leverages bridge-cli, a foundational piece of technology that has built-in knowledge of how to run all major Blackduck security testing solutions.

 
script:
  - pipe: blackduck-inc/blackduck-security-scan:0.0.1
    variables:
      BRIDGE_POLARIS_SERVERURL: $BRIDGE_POLARIS_SERVERURL
      BRIDGE_POLARIS_ACCESSTOKEN: $BRIDGE_POLARIS_ACCESSTOKEN
      BRIDGE_POLARIS_ASSESSMENT_TYPES: 'SCA,SAST'

 

Updated pipes

atlassian/bitbucket-dependency-scanner

atlassian/bitbucket-dependency-scanner:0.7.0

The bitbucket-dependency-scanner pipe scans your project's dependencies and detect publicly disclosed vulnerabilities associated CVE entries.

  • Add support report generation in strict mode. If failOnCVSS level provided pipe will create report before fail.

  • Bump the pipe's base docker image to version 12.1.0.

  • Add limitation for CodeInsights annotation context length.

  • Add support for http retry handling for CodeInsights annotation.

 

atlassian/git-secrets-scan

atlassian/git-secrets-scan:3.1.0

Bitbucket Security: Secret Scanner

Scans your files for hardcoded secrets, keys, and passwords. Creates a security Code Insights report if secret is found.

  • Add commit to file path in annotations.

  • Update base docker image to v8.23.3.

 

atlassian/bitbucket-chatgpt-codereview

atlassian/bitbucket-chatgpt-codereview:0.2.0

Unlock AI's power of ChatGPT for code review of pull requests.

  • Add support for new OpenAI's ChatGPT models: o1, gpt-4o-mini, gpt-4o.

 

userway/cicd-bitbucket

userway/cicd-bitbucket:1.2.0

Bitbucket pipe to trigger UserWay Continuous-Accessibility analysis

  • Bumped @userway/cicd-core to the last production version.

  • Multiple improvements.

 

 

sonarsource/sonarcloud-scan

sonarsource/sonarcloud-scan:4.1.0

Detect bugs & vulnerabilities in your repository

  • Update Scanner CLI to 7.1 to support sonar.region=us.

  • Update Scanner CLI to 7.0.2.

 

atlassian/aws-eks-kubectl-run

atlassian/aws-eks-kubectl-run:3.2.0

Execute a kubectl command on your Amazon EKS (Elastic Kubernetes Service) cluster.

  • Update boto3 package to version 1.37.*.

  • Update the Readme. Fix the link in the Readme.

  • Bump awscli version to 2.27.27.

  • Bump kubectl version to 1.31.

 

atlassian/aws-s3-deploy

atlassian/aws-s3-deploy:2.0.1

Deploy to Amazon S3.

  • Update pipe logic for bash strict mode usage. Remove AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from default repository variables.
    Breaking change! You have to update your pipe variables. Take a look at the README for an additional information.

 

atlassian/azure-aks-helm-deploy

atlassian/azure-aks-helm-deploy:3.4.3

Deploy to AKS (Azure Kubernetes Service) using Helm.

  • Update the Readme. Fix the link in the Readme.

 

atlassian/azure-functions-deploy

atlassian/azure-functions-deploy:2.2.1

Deploy Azure function code.

  • Bump base docker image to version 2.67.

 

atlassian/renovate-scan

atlassian/renovate-scan:0.10.0

This is a pipe to perform scan by Renovate

  • Bump base docker image to 39.187-full.

 

atlassian/crate-ci-typos-check

atlassian/crate-ci-typos-check:1.2.8

Source code spell checker

  • Fix to download the correct typos CLI.

 

sonarsource/sonarqube-scan

sonarsource/sonarqube-scan:4.0.0

Detect Bugs & Vulnerabilities in your repository

  • Update Scanner CLI to 7.0.2.

 

atlassian/trigger-pipeline

atlassian/trigger-pipeline:5.9.0

Trigger a pipeline in a Bitbucket repository.

  • Add support for REQUEST_READ_TIMEOUT variable. Use the variable to manage response wait times.

 

atlassian/scp-deploy

atlassian/scp-deploy:1.5.2

Copy files to a remote server using SCP.

  • Update the Readme. Fix variables yaml schema definition.

 

sonarsource/sonarqube-quality-gate

sonarsource/sonarqube-quality-gate:1.2.1

Check if a project / analysis passed the SonarQube Quality Gate check

  • Mention SonarQube Community Build in the README

 

atlassian/ms-teams-notify

atlassian/ms-teams-notify:0.2.0

Send notification to MS Teams channel.

  • Update README links and payload after moving from Connectors to Workflows.

 

atlassian/kubectl-run

atlassian/kubectl-run:3.12.0

Execute a kubectl command on your Kubernetes cluster.

  • Update kubectl version to 1.31.

  • Update awscli version to 2.22.27.

 

keepersecurity/keeper-secrets-manager-pipe

keepersecurity/keeper-secrets-manager-pipe:1.1.4

Inject Keeper Secrets Manager secrets into your build environment.

  • Fixed env variable typos in README

  • Fixed notation and destination splitter

  • Upgraded to bitbucket-pipe-release:5.8.0

  • Upgraded to keeper-secrets-manager-core>=16.6.6

 

atlassian/bitbucket-upload-file

atlassian/bitbucket-upload-file:0.7.4

Deploy a file (build artifacts, build reports, etc.) from Bitbucket Pipelines to Bitbucket Downloads.

  • Added logs and warnings about directory from upload.

 

atlassian/bitbucket-pipe-release

atlassian/bitbucket-pipe-release:5.8.0

Release a Bitbucket Pipe

  • Provide fix to Git dubious ownership by adding BITBUCKET_CLONE_DIR to safe directory.

 

To discover more pipes, visit our Bitbucket Pipes Marketplace.

 

Top Community questions

If you’d like to suggest a pipe to be improved or new pipe to be implemented, please, find the appropriate ticket in the list of existing tickets , vote for them or create a new suggestion request with type Suggestion and Component: Pipelines - Pipes.

If you’d like help with Bitbucket Pipes, or you have an issue or feature request, let us know on Community

Comment
Watch
Like Tomislav Tobijas likes this
55 views

0 comments

Comment

Log in or Sign up to comment
Oleksandr Kyrdan

Oleksandr Kyrdan

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

63 accepted answers

373 total posts

View profile
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.