Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: example setup for circle ci #1207

Merged
merged 5 commits into from
Aug 25, 2023
Merged
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 67 additions & 0 deletions docs/guides/ci-setup.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,73 @@ GitLab's guide on [Running CI/CD jobs in Docker containers](https://docs.gitlab.

For more details and additional configuration, see our [guide to using GitLab](/guides/gitlab/).

## CircleCI

To integrate with CicleCI you can add the following job to your `.circleci/config.yml`
gotbadger marked this conversation as resolved.
Show resolved Hide resolved

```yml
version: 2.1

jobs:
bearer:
machine:
image: ubuntu-2204:2023.07.2
environment:
# Set to default branch of your repo
DEFAULT_BRANCH: main
steps:
- checkout
- run: curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh -s -- -b /tmp
- run: CURRENT_BRANCH=$CIRCLE_BRANCH SHA=$CIRCLE_SHA1 /tmp/bearer scan .

workflows:
test:
jobs:
- bearer
```

A more advanced example using a Github repository and reviewdog for PR comments:

```yml
version: 2.1

jobs:
bearer:
machine:
image: ubuntu-2204:2023.07.2
environment:
# Set to default branch of your repo
DEFAULT_BRANCH: main
steps:
- checkout
- run: curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh -s -- -b /tmp
- run: curl -sfL https://raw.githubusercontent.com/reviewdog/reviewdog/master/install.sh | sh -s -- -b /tmp
- run: |
CURRENT_BRANCH=$CIRCLE_BRANCH SHA=$CIRCLE_SHA1 /tmp/bearer scan . --format=rdjson --output=rd.json || export BEARER_EXIT=$?
cat rd.json | REVIEWDOG_GITHUB_API_TOKEN=$GITHUB_TOKEN /tmp/reviewdog -f=rdjson -reporter=github-pr-review
exit $BEARER_EXIT

workflows:
test:
jobs:
- bearer:
filters:
branches:
# No need to run a check on default branch
ignore: main
context:
- bearer
# make sure to set GITHUB_TOKEN in your context

```

The `GITHUB_TOKEN` in this case just requires read and write access to pull requests for the repository.

{% callout "warn" %}
Currently DEFAULT_BRANCH is hard coded and diff scanning is not supported because base branch information is not available in Circle CI.
In the future we hope to support diff scanning in Circle CI by having the CLI call the Github API for the details.
{% endcallout %}

## Universal setup

For other services, we recommend selecting the [installation method](/reference/installation/) that best fits the platform.
Expand Down
Loading