Skip to content
Docs
Cancel

オープンソース プロジェクトの構築

以下のセクションに沿って、CircleCI 上でのオープンソース プロジェクトのビルドに関するヒントとベスト プラクティスについて説明します。

概要

To support the open source community, organizations on Github or Bitbucket will be given 100,000 free credits per week that can be spent on open source projects. These credits can be spent on Linux-medium resources. Each organization can have a maximum of four concurrent jobs running.

Note: If you are building an open source project on macOS, contact billing@circleci.com to enable these additional containers.

Note: There is a concurrency limit of 4 containers for Docker and Machine executors whereas macOS executors are limited to 1 container. Additional containers will be queued.

セキュリティ

While open source can be a liberating practice, take care not to liberate sensitive information.

  • If your repository is public, your CircleCI project and its build logs are also public. 表示対象として選択する情報に注意してください。
  • Environment variables set in the CircleCI application are hidden from the public, these variables will not be shared in forked PRs unless explicitly enabled.

Features and settings for open source projects

The following features and settings are especially useful for open source projects.

Private environment variables

Many projects require API tokens, SSH keys, or passwords. Private environment variables allow you to safely store secrets, even if your project is public.

For more information, see the Environment Variables document.

Only build pull requests

By default, CircleCI builds every commit from every branch. This behavior may be too aggressive for open source projects, which often have significantly more commits than private projects.

To change this setting, go to the Project Settings>Advanced of your project and set the Only build pull requests option to On.

Note: Even if this option is enabled, CircleCI will still build all commits from your project’s default branch and tags

Build pull requests from forked repositories

Many open source projects accept PRs from forked repositories. Building these PRs is an effective way to catch bugs before manually reviewing changes.

By default, CircleCI does not build PRs from forked repositories. To change this setting, go to the Project Settings>Advanced of your project and set the Build forked pull requests option to On.

NoteThis feature is not currently supported for BitBucket users.

Note: If a user submits a pull request to your repository from a fork, but no pipeline is triggered, then the user most likely is following a project fork on their personal account rather than the project itself of CircleCi, causing the jobs to trigger under the user’s personal account and not the organization account. To resolve this issue, have the user unfollow their fork of the project on CircleCI and instead follow the source project. This will trigger their jobs to run under the organization when they submit pull requests.

Pass secrets to builds from forked pull requests

Running an unrestricted build in a parent repository can be dangerous. Projects often contain sensitive information, and this information is freely available to anyone who can push code that triggers a build.

By default, CircleCI does not pass secrets to builds from forked PRs for open source projects and hides four types of configuration data:

  • アプリケーションを通して設定される環境変数

  • /docs/2.0/gh-bb-integration/#デプロイ-キーとユーザー-キー

  • ビルド中に任意のホストにアクセスするために CircleCI に追加した、パスフレーズのないプライベート SSH キー

  • AWS permissions and configuration files.

Note: Forked PR builds of open source projects that require secrets will not run successfully on CircleCI until you enable this setting.

If you are comfortable sharing secrets with anyone who forks your project and opens a PR, you can enable the Pass secrets to builds from forked pull requests option. In the Project Settings>Advanced of your project, set the Pass secrets to builds from forked pull requests option to On.

キャッシュ

Caches are isolated based on GitHub Repo for PRs. CircleCI uses the GitHub repository-id of the originator of the fork PR to identify the cache.

  • PRs from the same fork repo will share a cache (this includes, as previously stated, that PRs in the master repo share a cache with master).
  • それぞれ異なるフォーク リポジトリ内にある 2 つの PR は、別々のキャッシュを持ちます。
  • enabling the sharing of environment variables will enable cache sharing between the original repo and all forked builds.

Currently there is no pre-population of caches because this optimization hasn’t made it to the top of the priority list yet.

Example open source projects

Following are a few examples of projects (big and small) that build on CircleCI:

  • React - Facebook’s JavaScript based React is built with CircleCI (as well as other CI tools).
  • React Native - Build native mobile apps using JavaScript and React.
  • Flow - Adds static typing to JavaScript to improve developer productivity and code quality.
  • Relay - JavaScript framework for building data-driven React applications.
  • Vue - Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
  • StoryBook - Interactive UI component dev & test: React, React Native, Vue, Angular, Ember.
  • Electron - Build cross-platform desktop apps with JavaScript, HTML, and CSS.
  • Angular - Framework for building browser and desktop web applications.
  • Apollo - A community building flexible open source tools for GraphQL.
  • PyTorch - Data manipulation and Machine Learning platform.
  • Calypso - The next generation webapp powering WordPress.com.
  • Fastlane - A build automatically tool for Android and iOS.
  • Yarn - The npm replacement.

See also

Refer to the Examples document for more public and open source project configuration links organized by CircleCI features and by programming language.


Help make this document better

This guide, as well as the rest of our docs, are open-source and available on GitHub. We welcome your contributions.

Creative Commons License
CircleCI Documentation by CircleCI is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.