Integrate Vulnetix CLI into Bitbucket Pipelines for automated security scanning. Upload SARIF, CycloneDX, SPDX reports from any security tool.
Add Vulnetix to Bitbucket Pipelines
Create bitbucket-pipelines.yml and run the Vulnetix CLI in your Bitbucket Pipelines pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
image: alpine:latest
pipelines:
  default:
    - step:
        name: Vulnetix Security Scan
        script:
          - apk add --no-cache curl
          - curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh
          - export PATH=$PATH:$HOME/.local/bin
          - vulnetix scan
          - vulnetix upload --file reports/results.sarif
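The install step above pipes whatever is on the main branch at build time straight into sh, inside a job that can reach your repository and pipeline variables. As an added example (not part of the Vulnetix documentation), this helper downloads the installer from a pinned commit and runs it only if its SHA-256 matches a digest you recorded after reviewing the script. The function names, the <commit-sha> placeholder and the EXPECTED_SHA256 variable are assumptions.

```shell
#!/bin/sh
# Added example: run an installer only if it matches a pinned SHA-256.
# Names and the digest/commit placeholders are assumptions, not Vulnetix's.

# sha256_of FILE: print the lowercase hex digest of FILE.
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# verify_installer FILE EXPECTED: 0 on match, 1 on mismatch, 2 on bad input.
verify_installer() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # Require exactly 64 lowercase hex characters, so an unset or
    # truncated variable can never be accepted as a valid pin.
    case "$expected" in
        ""|*[!0-9a-f]*) echo "bad expected digest" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "bad digest length" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got $actual" >&2
        return 1
    fi
    return 0
}

# install_pinned URL EXPECTED: download, verify, and only then execute.
install_pinned() {
    url=$1
    expected=$2
    tmp=$(mktemp) || return 2
    # -f makes curl fail on HTTP errors, so an error page is never run.
    curl -fsSL "$url" -o "$tmp" || { rm -f "$tmp"; return 2; }
    rc=0
    if verify_installer "$tmp" "$expected"; then
        sh "$tmp" || rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Pipeline usage (placeholders to fill in after reviewing the script):
#   install_pinned \
#     "https://raw.githubusercontent.com/vulnetix/cli/<commit-sha>/install.sh" \
#     "$EXPECTED_SHA256"
```

Store the reviewed digest as a repository variable and update it together with the commit reference whenever you move to a newer installer.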
Why run Vulnetix in Bitbucket Pipelines?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Bitbucket Pipelines pipeline gates merges on what is actually exploitable, not raw scanner noise.