Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Bitbucket Pipeline for git leaks claims success but has an empty report and shows errors in the logs

Ben
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 16, 2025

Attempting a PoC of secrets scanning with the following setup. It reports success and that no secrets have been found (even though I would expect it to detect things are secrets) and interestingly the pipeline log has some pretty significant errors. Is it actually working as expected and just not detecting those lines as secrets or it if failing and falsely reporting success?

bitbucket-pipelines.yml

pipelines:
  default:
    - step:
        script:
          - pipe: atlassian/git-secrets-scan:3.1.0

secrets.txt

password=thisissupersecret
apikey=anothersecret
aws_key_example = AKIAIOSFODNN7EXAMPLE
github_token_example = ghp_abcdefghijklmnopqrstuvwxyzABCDEFGH1234

Results:

pipeline results.png

Log entries of concern:

time="2025-06-16T18:56:44.373517654Z" level=error msg="AuthZRequest for HEAD /_ping returned error: authorization denied by plugin pipelines: "
...
time="2025-06-16T18:56:44.398829595Z" level=error msg="Handler for POST /v1.41/containers/create returned error: No such image: bitbucketpipelines/git-secrets-scan:3.2.0"

 

1 answer

1 accepted

0 votes
Answer accepted
Ben
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
June 18, 2025

Turns out it was just gitleaks not finding a match. This sample secret was detected as expected. Despite the errors in the pipeline log.

aws_access_key_id = AKIAQYLPMN5HHHFPZAM2

The original sample secrets I was using were generated by an LLM, which were clearly incorrect.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events