> For the complete documentation index, see [llms.txt](https://help.aikido.dev/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.aikido.dev/container-image-scanning/local-image-scanning/bitbucket-pipeline-setup-for-local-image-scanning.md).

# BitBucket Pipeline Setup for Local Image Scanning

The Aikido Security Local Scanner is a tool that enables you to perform Aikido Security scans within your environment, ensuring your data never leaves your premises. The scans take place locally, and the results are then uploaded to the Aikido Security platform. This setup allows you to scan any images locally on your own machine or in your CI/CD pipeline before they get sent to the registry.

## How to set up Local Scanning for images <a href="#how-to-set-up-local-scanning-for-images" id="how-to-set-up-local-scanning-for-images"></a>

### 1. Get your authentication token <a href="#id-1-get-your-authentication-token" id="id-1-get-your-authentication-token"></a>

1. Go to the [Local Scanner Image setup page](https://app.aikido.dev/settings/container-image-registry/add/localscan)
2. Generate an authentication token and copy. Note that you will only be able to view this token once.
3. Add the authentication token to the Repository variables in Bitbucket to make it available for use in the pipeline. To do this, you need to go to your Repository Settings. Then navigate to **Pipelines > Repository variables.** There you can add the authentication token with `AIKIDO_API_KEY` as the key and the copied token contents as the value.

### 2. Running the Local Scanner <a href="#id-2-running-the-local-scanner" id="id-2-running-the-local-scanner"></a>

Now all that is left to run the scanner on your image. You can use this example file as a guide:

```yaml
image: docker:25.0.3

pipelines:
  default:
    - step:
        name: Build Docker Image
        image: docker:25.0.3
        services:
          - docker
        script:
          - export PATH=/usr/bin:$PATH
          - docker build -t my-image .
          - docker save --output my-image.tar my-image
        artifacts:
          - my-image.tar
    - step:
        name: Scan Docker Image
        image: aikidosecurity/local-scanner
        script:
          - aikido-local-scanner image-scan my-image.tar --image-name my-image --apikey $AIKIDO_API_KEY
```

### 3. Check your scanning results <a href="#id-4-check-your-scanning-results" id="id-4-check-your-scanning-results"></a>

After your first scan is done, you can go to the Aikido Feed to check out your results. An image with the name you specified will have been created in the Aikido UI, containing all results from the scanning.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://help.aikido.dev/container-image-scanning/local-image-scanning/bitbucket-pipeline-setup-for-local-image-scanning.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.