Bitbucket Pipelines

Bitbucket Pipelines adds Continuous Delivery to Bitbucket Cloud.

Since it is built on docker RIPS can be quickly integrated using our rips-cli docker container.


The RIPS Scan can be added as a pipeline step to the bitbucket-pipelines.yml file. The following example showcases this setup that breaks the build if the analysis detects more than one security vulnerability:

    - step:
        name: RIPS Scan
        image: rips/rips-cli:3
          - rips-cli -vvv rips:scan:start -a $RIPS_APP_ID -p $BITBUCKET_CLONE_DIR -t 1


For a successfull scan you need to configure your credentials and the RIPS endpoint. This takes place in SettingsPIPELINES → Environment Variables. The sensitive parameters should be added as "masked and encrypted variables" (closed lock symbol).


The Application ID in RIPS under which the scans should be performed.
(note: the application must exist and is not automatically created)


URI of the RIPS API that should be used for scanning.
Our SaaS API is available at This API also works for trial accounts.
For On-premises, make sure to also add the port of your API, for example:

RIPS_PASSWORDPassword of your RIPS user account that should be used for scanning.
RIPS_EMAILEmail of your RIPS user account that should be used for scanning.

On-Premises Security

Bitbucket Pipelines is a remote service. If you are using RIPS on-premises as a local installation you will need to open the API port (default: 8080) of your RIPS server so it can be accessed by Bitbucket.

Although your API requires your login credentials for authentication, we recommend to restrict remote connections to your API port to the IP addresses of Bitbucket.

Further, we recommend to setup a SSL proxy so your traffic from Bitbucket to your server is encrypted. You can find instructions in the advanced section of our installation manual.

Further Reading

Since it is the rips-cli that is running in the docker container it is best to consult the rips-cli documentation to find out more commands and configuration options.