Configuring a Pipelines Repository

SourceClear Software Composition Analysis

Configuring a Pipelines Repository

To scan using SourceClear, add the following to the last default configuration script command in the bitbucket-pipelines.yml file:
            pipelines:
  default:
    - step:
        script:
            - curl -sSL https://download.sourceclear.com/ci.sh | bash

         

Commit these changes to trigger a build for your repository, and SourceClear performs a scan and displays results to your SourceClear environment.

If you want to add SourceClear scanning to other repositories, add the installation and scan the code above to any bitbucket-pipelines.yml files you want. After you add the SRCCLR_API_TOKEN environment variable, you can perform scans on each new build.