Login Contact Us Book a Demo
Resources Blog Continuously Improve CI/CD with Sonatype Lifecycle and ...

Continuously Improve CI/CD with Sonatype Lifecycle and Bitbucket Code Insights

By

2 minute read time

Over the last few weeks, we've been highlighting our integrations with Atlassian, which bring open source governance insights into your favorite Atlassian tools. We have integrations for planning and building applications. We wanted to save our newest integration into developer tooling for last: Bitbucket Code Insights.

According to Atlassian, "Code Insights in Bitbucket Cloud lets you bring the best DevOps scanning, testing and analysis tools into your code review process."

Using Sonatype Lifecycle and Bitbucket Server or Cloud, developers experience better code reviews and bring open source component security and license information into your pull requests. Developers can see all the details needed to remediate any policy issues on their branch, and fix violations quickly. They can even drill down to the specific line(s) of code that introduced the violation, with instructions on how to fix them. No need to switch applications. No need to slow down the process. No need to fail builds, or return to this a week later because of a security report. This kind of information accelerates feedback loops for Bitbucket users that are critical to successful DevSecOps practices.

As a developer, you can:

  1. Choose the highest quality components from the start.
  2. Find out instantly if the code you just committed contains risk.
  3. Fix those issues in a few clicks.
  4. Commit your changes and move on to the next task.

Check out this video to see how our integrations with Jira Software, Bamboo, and Bitbucket work holistically to keep your application secure at every stage in the SDLC.

integration diagram

Want a more in-depth look into all of our integrations with Atlassian? Learn more about how we help development organizations deliver higher quality applications faster.
Picture of Kevin Miller

Written by Kevin Miller

Kevin Miller is a Product Marketing Manager at Sonatype where he works to empower the development community to shift component choice and security left. He believes that putting the right tools and options in the hands of developers will help accelerate software innovation and minimize open source ...

Tags

Try Nexus Repository Free Today

Sonatype Nexus Repository is the world’s most trusted artifact repository manager. Experience the difference and download Community Edition for free.

Download Now

Share