The SCANOSS webhook is a multiplatform webhook that performs source code scans against the SCANOSS API. Supports integration with GitHub, GitLab and BitBucket APIs.
SCANOSS provides a source code scanner that can be used to detect Open Source dependencies in your code.
The purpose of this code is to offer a reference implementation that can be expanded to suit the needs of individuals and organisations.
For building and intallation see the guide How to build and deploy.
On the webhook user's settings (in your Bitbucket account), you can create an App password, with repository write permissions.
- From Bitbucket, open the repository where you want to add the webhook.
- Click the Settings link on the left side.
- From the links on the Settings page, click the Webhooks link.
- Click the Add webhook button to create a webhook for the repository. The Add new webhook page appears. Fill in the name, and URL, and make sure that the webhook can receive pull requests.
You can check the extended instructions on the Bitbucket webhooks documentation
bitbucket:
api-base: https://bitbucket.org/ # This can also be your local bitbucket deployment URL.
api-key: your-bb-app-password
api-user: your-bb-user-name
scanoss:
url: https://api-url-for-scanoss.example.com
token: my-scanoss-token