The upcoming BuildCheck to flag env var usage trigger on our ContinuousIntegrationBuild detection logic:
|
<PropertyGroup> |
|
<!-- Set by many build agents --> |
|
<ContinuousIntegrationBuild Condition="'$(CI)' == 'true'">true</ContinuousIntegrationBuild> |
|
<!-- Azure Pipelines / DevOpsServer https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#system-variables-devops-services --> |
|
<ContinuousIntegrationBuild Condition="'$(TF_BUILD)' == 'true' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- GitHub Actions https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables --> |
|
<ContinuousIntegrationBuild Condition="'$(GITHUB_ACTIONS)' == 'true' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- AppVeyor https://www.appveyor.com/docs/environment-variables/ --> |
|
<ContinuousIntegrationBuild Condition="'$(APPVEYOR)' == 'true' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- Travis CI https://docs.travis-ci.com/user/environment-variables/#default-environment-variables --> |
|
<ContinuousIntegrationBuild Condition="'$(TRAVIS)' == 'true' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- Circle CI https://circleci.com/docs/variables/#built-in-environment-variables --> |
|
<ContinuousIntegrationBuild Condition="'$(CIRCLECI)' == 'true' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- AWS CodeBuild https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html --> |
|
<ContinuousIntegrationBuild Condition="'$(CODEBUILD_BUILD_ID)' != '' AND '$(AWS_REGION)' != '' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- Jenkins https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#using-environment-variables --> |
|
<ContinuousIntegrationBuild Condition="'$(BUILD_ID)' != '' AND '$(BUILD_URL)' != '' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- Google Cloud Build https://cloud.google.com/build/docs/configuring-builds/substitute-variable-values --> |
|
<ContinuousIntegrationBuild Condition="'$(BUILD_ID)' != '' AND '$(PROJECT_ID)' != '' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- TeamCity https://www.jetbrains.com/help/teamcity/predefined-build-parameters.html#Server+Build+Properties --> |
|
<ContinuousIntegrationBuild Condition="'$(TEAMCITY_VERSION)' != '' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
<!-- JetBrains Space https://www.jetbrains.com/help/space/automation-environment-variables.html#general --> |
|
<ContinuousIntegrationBuild Condition="'$(JB_SPACE_API_URL)' != '' AND '$(ContinuousIntegrationBuild)' != 'true'">true</ContinuousIntegrationBuild> |
|
</PropertyGroup> |
It feels like we should have an opinion on what the correct fix is here. The two main options I see are:
- Recommend that people that use the BuildCheck not rely on the detection and instead pass
/p:ContinuousIntegrationBuild=true directly when in CI
- Allowlist these variables in some fashion. For that to work smoothly, we likely need to package an analyzerconfig with the values. It's also unclear if BuildChecks currently support packaged analyzerconfig files
