BST-18006 Add the bitbucket pipelines scan tests (#271)

Test changes was only to trigger tests

Author: lindycoder

.github/workflows/scan-test.yml

@@ -6,6 +6,38 @@ on:
     paths: ['scanners/**']
 
 jobs:
+  bitbucket-action:
+    name: Bitbucket Pipelines
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate Bitbucket OAuth Token
+        id: bitbucket-token
+        run: |
+          response=$(curl -s -X POST \
+            "https://bitbucket.org/site/oauth2/access_token" \
+            -u "${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_ID }}:${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_SECRET }}" \
+            -d "grant_type=client_credentials")
+          
+          token=$(echo "$response" | jq -r '.access_token')
+          echo "token=$token" >> $GITHUB_OUTPUT
+          echo "::add-mask::$token"
+      - name: Checkout scanner registry
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Need full history to detect changes
+      - name: Run Tests
+        uses: boostsecurityio/scan-test-action@53e2f687ab93ac5d150b88abd7341b72f6fbf384
+        with:
+          provider: bitbucket
+          provider-config: |
+            {
+              "token": "${{ steps.bitbucket-token.outputs.token }}",
+              "workspace": "boostsecurityio",
+              "repo_slug": "scan-test-runner-bitbucket-pipelines"
+            }
+          registry-repo: "${{ github.repository_owner }}/${{ github.event.repository.name }}"
+          base-ref: "${{ github.base_ref }}"
+
   github-action:
     name: Github Actions
     runs-on: ubuntu-latest

docs/setup-bitbucket.md

@@ -58,7 +58,7 @@ Navigate to the scanner registry repository (GitHub):
   run: |
     response=$(curl -s -X POST \
       "https://bitbucket.org/site/oauth2/access_token" \
-      -u "${{ secrets.BITBUCKET_CLIENT_ID }}:${{ secrets.BITBUCKET_CLIENT_SECRET }}" \
+      -u "${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_ID }}:${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_SECRET }}" \
       -d "grant_type=client_credentials")
 
     token=$(echo "$response" | jq -r '.access_token')

scanners/boostsecurityio/trivy-fs/tests.yaml

@@ -1,12 +1,12 @@
 version: "1.0"
 tests:
-  - name: "osv-scanner"
-    type: "source-code"
-    source:
-      url: "git@github.com:google/osv-scanner.git"
-      ref: "main"
   - name: "gitleaks"
     type: "source-code"
     source:
       url: "git@github.com:gitleaks/gitleaks.git"
       ref: "v8.15.2"
+  - name: "osv-scanner"
+    type: "source-code"
+    source:
+      url: "git@github.com:google/osv-scanner.git"
+      ref: "main"

scanners/boostsecurityio/trivy-image/tests.yaml

@@ -6,5 +6,5 @@ tests:
       url: "https://github.com/martin-boost-dev/boost-poc-registry-testing-trivy"
       ref: "main"
     scan_paths:
-      - "osv-scanner"
       - "rclone"
+      - "osv-scanner"