Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Bitbucket Pipes Digest: November 2024

Pipes monthly digest November 2024


Hi,

Welcome to the next Bitbucket Pipes digest. This month comes packed with additions to Pipes. Don’t forget to subscribe (click Watch and select Articles)!

New pipes

atlassian/forge-deploy

atlassian/forge-deploy:0.1.0

Perform forge deploy / install operations

script:
  - pipe: atlassian/forge-deploy:0.1.0
    variables:
      FORGE_EMAIL: "human@example.com"
      FORGE_API_TOKEN: $FORGE_API_TOKEN
      FORGE_APP_PATH: "./my_forge_app"

 

atlassian/bitbucket-dependency-scanner

atlassian/bitbucket-dependency-scanner:0.1.3

Bitbucket Security: Dependency Scanner

The bitbucket-dependency-scanner pipe scans your project's dependencies and detect publicly disclosed vulnerabilities associated CVE entries.

script:
  - pipe: atlassian/bitbucket-dependency-scanner:0.1.3

 

atlassian/ms-teams-notify

atlassian/ms-teams-notify:0.1.0

Send notification to MS Teams channel. 

script:
  - pipe: atlassian/ms-teams-notify:0.1.0
    variables:
      WEBHOOK_URL: $WEBHOOK_URL
      MESSAGE: 'Hello, world!'

 

atlassian/jsm-ops-send-alert

atlassian/jsm-ops-send-alert:0.1.0

Sends alert to JSM Ops

script:
  - pipe: atlassian/jsm-ops-send-alert:0.1.0
    variables:
      JSM_API_TOKEN: $JSM_API_TOKEN
      JSM_CLOUD_ID: $JSM_CLOUD_ID
      JSM_USER_EMAIL: $JSM_USER_EMAIL
      MESSAGE: 'Hello, world!'

 

userway/cicd-bitbucket

userway/cicd-bitbucket:1.1.9

Bitbucket pipe to trigger UserWay Continuous-Accessibility analysis

    // userway.config.js
    /** @type {import('@userway/cicd-cli').Config} */
    module.exports = {
      organization: 'my-organization-slug',
      project: 'my-project-name',
      token: process.env.USERWAY_TOKEN,
      reportPaths: ['./uw-a11y-reports']
    };

 

Updated pipes

atlassian/git-secrets-scan

atlassian/git-secrets-scan:3.0.0

Bitbucket Security: Secret Scanner

Scans your files for hardcoded secrets, keys, and passwords. Creates a security Code Insights report if secret is found.

  • Update gitleaks version.

  • Replace secrets scanning tool to gitleaks.

Breaking change! You have to update your pipe variables and commands. Take a look at the README for an additional information.

atlassian/bitbucket-iac-scan

atlassian/bitbucket-iac-scan:0.5.2

Bitbucket Security: Infrastructure as Code Security Scanner

Scans your Infrastructure as Code configuration files to ensure good security practises. Creates a security Code Insights report if issue is found.

  • Update kics docker image to v2.1.2-alpine.

  • Add support for FAIL_ON variable. Scan the sources and pipe should fail if the KICS scanner's result status code is more than or equal to provided threshold value.

  • Set the CREATE_REPORT default to True.

 

atlassian/aws-eks-kubectl-run

atlassian/aws-eks-kubectl-run:3.0.0

Execute a kubectl command on your Amazon EKS (Elastic Kubernetes Service) cluster.

  • Implemented support for AWS STS (using assume-role functionality). Breaking change! Variable ROLE_ARN renamed to AWS_ROLE_ARN.

 

atlassian/aws-lambda-deploy

atlassian/aws-lambda-deploy:1.12.0

Deploy function to AWS Lambda.

  • Implemented support for AWS STS (using assume-role functionality).

 

atlassian/pypi-publish

atlassian/pypi-publish:1.0.0

Publish your python package to pypi.org or any other python package registry.

  • Add support for pyproject.toml package configuration.

  • Upgrade pipe's base docker image to python:3.11-slim.

 

atlassian/google-cloud-storage-deploy

atlassian/google-cloud-storage-deploy:2.2.0

Deploy code to Google Cloud Storage.

  • Add support of EMPTY_BUCKET to empty bucket before deploy.

  • Add support of BLOB_NAME_PREFIX variable that allows to upload to custom destination blob.

 

sonarsource/sonarqube-scan

sonarsource/sonarqube-scan:3.0.2

Detect Bugs & Vulnerabilities in your repository

  • Use root user in the Docker image.

  • Change EXTRA_ARGS to support array syntax.

 

sonarsource/sonarcloud-scan

sonarsource/sonarcloud-scan:3.0.0

Detect bugs & vulnerabilities in your repository

  • Use the official SonarScanner CLI Docker as base image.

 

atlassian/google-gke-kubectl-run

atlassian/google-gke-kubectl-run:3.5.0

Run a kubectl command on your Google Kubernetes Engine cluster.

  • Update google-cloud-sdk to version 494.

 

atlassian/renovate-scan

atlassian/renovate-scan:0.7.0

This is a pipe to perform scan by Renovate

  • Add support for PRE_EXECUTION_SCRIPT variable.

  • Update pipe's base docker image to renovate:38.19-full.

 

atlassian/kubectl-run

atlassian/kubectl-run:3.11.0

Execute a kubectl command on your Kubernetes cluster.

  • Extend kubectl args with --validate=false when DISABLE_VALIDATION is set to true.

 

atlassian/jenkins-job-trigger

atlassian/jenkins-job-trigger:0.10.0

This is a pipe to trigger a Jenkins job

  • Fix: proper handling of inProgress build, 'unstable' build status.

  • Implement a feature to set custom sleep time with WAIT_SLEEP_TIME variable.

 

atlassian/checkstyle-report

atlassian/checkstyle-report:0.5.2

Finds Checkstyle report files in working directory and converts the results into a Bitbucket Code Insight Report.

  • Bump version of jackson-databind to 2.17.2 to fix security issues.

 

atlassian/azure-aks-deploy

atlassian/azure-aks-deploy:1.4.0

Deploy to AKS (Azure Kubernetes Service) using Kubectl.

  • Bump azure-cli to version 2.63.0.

  • Bump kubectl version to 1.31.0.

 

atlassian/azure-aks-helm-deploy

atlassian/azure-aks-helm-deploy:3.4.0

Deploy to AKS (Azure Kubernetes Service) using Helm.

  • Bump azure-cli to version 2.63.0.

  • Bump kubectl version to 1.31.0.

 

atlassian/trigger-pipeline

atlassian/trigger-pipeline:5.8.1

Trigger a pipeline in a Bitbucket repository.

  • Added ability to retry a failed pipeline.

 

atlassian/google-app-engine-deploy

atlassian/google-app-engine-deploy:1.7.0

Deploy an application to Google App Engine.

  • Update pipe's base docker image to google/cloud-sdk:487.0.0.

 

atlassian/serverless-deploy

atlassian/serverless-deploy:2.1.0

Deploy your Serverless framework application using AWS, Google Cloud Platform or Microsoft Azure providers

  • Upgrade pipe's base docker image to node:20-slim.

  • Update the Readme with details about The Serverless Framework version support. The pipe is based on The Serverless Framework V3 and will not be upgraded to V4 according to breaking changes in the new version.

 

debricked/debricked-scan

debricked/debricked-scan:4.0.0

Pipe for integrating Bitbucket with Debricked. Automatically analyse your latest commits and pull requests for known vulnerabilities.

  • Upgrade to debricked/cli v2.

 

To discover more pipes, visit our Bitbucket Pipes Marketplace.

 

Top Community questions

 

If you’d like to suggest a pipe to be improved or new pipe to be implemented, please, find the appropriate ticket in the list of existing tickets , vote for them or create a new suggestion request with type Suggestion and Component: Pipelines - Pipes.

If you’d like help with Bitbucket Pipes, or you have an issue or feature request, let us know on Community

 

2 comments

remmerci1
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 5, 2024

Hi,

what is the point of release a pipe integration for Microsoft Teams Webhook connectors since they are deprecated and soon replaced by Workflow?
But an integration to push notifications to Teams channels using the new recommended way (with Workflow) would be very appreciated :)
Others things about pipes listed here seems very interesting!

 

Rémi.

Igor Stoyanov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 5, 2024

@remmerci1 hi. 
According this page isn't it just a replace old webhook url with new webhook url?
So you can paste your updated url and that's all?

Regards, Igor

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events