CircleCI Server v3.x build artifacts

Last updated
Tags Server v3.x Server Admin

Build artifacts persist data after a job is completed. They can be used for longer-term storage of your build process outputs. For example, when a Java build/test process finishes, the output of the process is saved as a .jar file. CircleCI can store this file as an artifact, keeping it available long after the process has finished.

Safe and unsafe content types

By default, only pre-defined artifact types are allowed to be rendered. This protects users from uploading, and potentially executing, malicious content. The 'allowed-list' is as follows:

Category Safe Type

Text

Plain

Application

json

Image

png

Image

jpg

Image

gif

Image

bmp

Video

webm

Video

ogg

Video

mp4

Audio

webm

Audio

aac

Audio

mp4

Audio

mpeg

Audio

ogg

Audio

wav

Also, by default, the following types will be rendered as plain text:

Category Unsafe Type

Text

html

Text

css

Text

javascript

Text

ecmascript

Application

javascript

Application

ecmascript

Text

xml

Allow unsafe types

You can choose to allow unsafe types to be rendered, if required, by checking the Server Unsafe Artifacts checkbox within the Frontend settings in the KOTS admin console.

Screenshot highlighting the option to server unsafe build artifacts
Figure 1. CircleCI Server v3.x Artifacts


Help make this document better

This guide, as well as the rest of our docs, are open-source and available on GitHub. We welcome your contributions.