Security News
Combatting Alert Fatigue by Prioritizing Malicious Intent
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
The env-ci npm package is designed to detect the CI environment in which your code is running. It provides information about the Continuous Integration (CI) service, such as the branch name, commit SHA, and other relevant details. This can be useful for customizing behavior based on the CI environment.
Detect CI Environment
This feature allows you to detect if your code is running in a CI environment and provides details about the CI service, branch, and commit. The code sample demonstrates how to use the env-ci package to retrieve and log this information.
const envCi = require('env-ci');
const { isCi, service, branch, commit } = envCi();
console.log(`Running on CI: ${isCi}`);
console.log(`CI Service: ${service}`);
console.log(`Branch: ${branch}`);
console.log(`Commit: ${commit}`);
Custom CI Services
This feature allows you to add custom CI services to the detection logic. The code sample demonstrates how to configure a custom CI service and retrieve information about the branch and commit.
const envCi = require('env-ci');
const { isCi, service, branch, commit } = envCi({
services: [
{
name: 'custom-ci',
detect: () => Boolean(process.env.CUSTOM_CI),
configuration: () => ({
branch: process.env.CUSTOM_CI_BRANCH,
commit: process.env.CUSTOM_CI_COMMIT
})
}
]
});
console.log(`Running on CI: ${isCi}`);
console.log(`CI Service: ${service}`);
console.log(`Branch: ${branch}`);
console.log(`Commit: ${commit}`);
The ci-info package provides information about the current Continuous Integration environment. It can detect various CI services and provide details such as the service name and whether the code is running in a CI environment. Compared to env-ci, ci-info is more focused on providing basic CI detection without additional configuration options.
The ci-env package is another tool for detecting the CI environment. It provides information about the CI service, branch, and commit. Similar to env-ci, ci-env aims to provide detailed information about the CI environment, but it may not support as many CI services or custom configurations as env-ci.
Get environment variables exposed by CI services.
Adapted from codecov-node.
$ npm install --save env-ci
const envCi = require('env-ci');
const {name, service, isCi, branch, commit, tag, build, buildUrl, job, jobUrl, isPr, pr, slug, root} = envCi();
if (isCI) {
console.log(`Building branch ${branch} of repo ${slug} on ${name}`);
if (isPr) {
console.log(`Building Pull Request #${pr}`);
}
if (service === 'travis') {
// Do something specific to Travis CI
}
}
Variable | Description |
---|---|
name | CI service Commercial name (e.g. Travis CI , CircleCI , GitLab CI/CD ) |
service | Standardized CI service name (e.g. travis , circleci , gitlab ) |
isCi | true is running on a CI, false otherwise |
branch | Git branch being built or targeted by a pull request |
commit | Commit sha that triggered the CI build |
tag | Git tag that triggered the CI build |
build | CI service build number |
buildUrl | Link to the CI service build |
job | CI service job number |
jobUrl | Link to the CI service job |
isPr | true is the build has been triggered by a Pull Request, false otherwise |
pr | Pull Request number |
slug | The slug (in form: owner_name/repo_name) of the repository currently being built |
root | The path to the directory where the repository is being built |
Note: Some variables can be detected only on certain CI services. See Supported CI.
CI Service (name ) | service | isCi | branch | commit | tag | build | buildUrl | job | jobUrl | isPr | pr | slug | root |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
AppVeyor | appveyor | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Bamboo | bamboo | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ |
Bitbucket | bitbucket | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ |
Bitrise | bitrise | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ | ❌ |
Buddy | buddy | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ | ❌ |
Buildkite | buildkite | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ |
CircleCI | circleci | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ |
Cirrus CI | cirrus | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
AWS CodeBuild | codebuild | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
Codeship | codeship | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ |
Drone | drone | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ |
Gitlab CI/CD | gitlab | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ |
Jenkins | jenkins | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ |
Semaphore | semaphore | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ |
Shippable | shippable | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ |
TeamCity | teamcity | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ |
Travis CI | travis | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ |
Visual Studio Team Services | vsts | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ✅ |
Wercker | wercker | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ |
Note: If none of the above CI services is detected, commit
and branch
are determined based on the local Git repository, and isCi
is determined based on the CI
environment variable.
Type: Object
Type: Object
Default: process.env
The object to read environment variables from.
Type: String
Default: process.cwd()
The current working directory in which to execute git
commands used to determine the commit
and branch
Result properties in case no supported CI is detected.
Type: Object
Environment variables values exposed by the CI service.
branch
determinationCertain CI services don't provide an environment variable to determine the current Git branch being built.
In such cases the branch is determined with the command git rev-parse --abbrev-ref HEAD
.
However, if the local repository is in a detached head state the branch cannot be determined directly. In such case, env-ci
will look for the remote branches having the same HEAD as the local detached HEAD to determine the branch from which the detached HEAD was created.
In the rare case where there is multiple remote branches with the same HEAD as the local detached HEAD, env-ci
will arbitrarily pick the first one. This can lead to an inaccurate branch
value for certain CI services in such circumstances.
Affected CI services:
FAQs
Get environment variables exposed by CI services
The npm package env-ci receives a total of 1,349,750 weekly downloads. As such, env-ci popularity was classified as popular.
We found that env-ci demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.