Bamboo (from Atlassian) can run CybeDefend local scans to keep your code private. Whether you’re using Docker tasks or an executable on the agent, you’ll upload only the minimal data to CybeDefend for analysis.

Prerequisites

  • API Key: Create one via Introduction & API Key Creation and store it in Plan Variables (e.g. CYBEDEFEND_API_KEY).
  • Branch Target: We advise scanning only your main branch to prevent mixing partial or experimental features.

Make sure your build agent has sufficient disk space, since the CLI zips your code locally before upload.


Option 1: Docker-Based Task

If your Bamboo agent supports Docker:

  1. Add a “Source Code Checkout” Task
    Ensures your repository is cloned into the workspace.
  2. Docker Task
    • Command: “Run a Docker container”
    • Image: cybedefend/local-scanner:latest
    • Container Command:
      cybedefend scan . \
        --api-key ${bamboo.CYBEDEFEND_API_KEY} \
        --project-id ${bamboo.CYBEDEFEND_PROJECT_ID} \
        --ci
      
  3. Save & Run
    On the first run, if the project doesn’t exist yet in CybeDefend, it will be created automatically.

Option 2: Executable Capability

  1. Download Binary
    Place the cybedefend CLI on the Bamboo agent(s). Mark it executable (chmod +x cybedefend).
  2. Agent Capability
    • In Bamboo, go to Build Resources → Agents.
    • Select the agent, add an Executable capability (e.g. label: “CybeDefend CLI,” path: /usr/local/bin/cybedefend).
  3. Plan → Tasks
    • Add a Command task.
    • Under Executable, choose “CybeDefend CLI.”
    • Argument field:
      scan . --api-key ${bamboo.CYBEDEFEND_API_KEY} --project-id ${bamboo.CYBEDEFEND_PROJECT_ID} --ci
      

If your code is large, consider ignoring extraneous directories to speed up scanning (e.g., node_modules, vendor, or build artifacts).


Checking Results

  • Bamboo Logs: Check logs for a summary.
  • Extra Command:
    cybedefend results --project-id ${bamboo.CYBEDEFEND_PROJECT_ID} --output html
    
  • CybeDefend Dashboard: Full details on vulnerabilities, severity, and recommended fixes.

If you plan to gate releases, parse the CLI exit code or use --fail-on if we offer that feature for gating merges.
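
An added example, not part of CybeDefend's documentation: a wrapper for a Bamboo Script task that applies the main-branch and disk-space prerequisites above, then gates the build on the CLI exit code. It assumes any non-zero exit from the CLI should fail the build; SCAN_BRANCH, preflight, run_gate and the return codes 10-12 are hypothetical names.

```shell
#!/bin/sh
# Added example (not CybeDefend's own script). Bamboo exports plan variables
# to Script tasks as bamboo_<name> environment variables.
# Hypothetical names: SCAN_BRANCH, preflight, run_gate, return codes 10-12.

# KiB used by DIR: assumed upper bound for the zip the CLI builds locally.
need_kb() { du -sk "$1" | awk '{print $1}'; }
# KiB available on the filesystem that holds DIR.
free_kb() { df -Pk "$1" | awk 'NR==2 {print $4}'; }

# preflight BRANCH DIR -> 0 scan, 10 skip (not main), 11 no key, 12 low disk
preflight() {
    [ "$1" = "${SCAN_BRANCH:-main}" ] || return 10
    [ -n "${bamboo_CYBEDEFEND_API_KEY:-}" ] || return 11
    [ "$(free_kb "$2")" -ge "$(need_kb "$2")" ] || return 12
}

# run_gate BRANCH DIR [SCANNER] -> status Bamboo should see for the task.
# Assumption: any non-zero exit from the CLI means the build must fail.
run_gate() {
    preflight "$1" "$2" && pf=0 || pf=$?
    case $pf in
        10) echo "skip: branch '$1' is not scanned"; return 0 ;;
        11) echo "error: CYBEDEFEND_API_KEY plan variable is empty" >&2; return 1 ;;
        12) echo "error: not enough free disk to zip $2" >&2; return 1 ;;
    esac
    # The key is passed to the CLI only; it is never echoed into the build log.
    ( cd "$2" && "${3:-cybedefend}" scan . \
        --api-key "$bamboo_CYBEDEFEND_API_KEY" \
        --project-id "${bamboo_CYBEDEFEND_PROJECT_ID:-}" --ci ) && rc=0 || rc=$?
    [ "$rc" -eq 0 ] || echo "gate: scanner exited $rc, failing the build" >&2
    return "$rc"
}

# Runs only on a Bamboo agent, where the working directory variable is set.
[ -z "${bamboo_build_working_directory:-}" ] ||
    run_gate "$bamboo_planRepository_branchName" "$bamboo_build_working_directory"
```

Bamboo marks a Script task as failed when the script exits non-zero, so the scanner's status returned by run_gate is what gates the plan.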

You can also define global variables for CYBEDEFEND_API_KEY to reuse across multiple plans or projects.