Merge pull request #253 from AikidoSec/feature/circle-ci

Add Circle CI Pipeline Guidance

README.md

@@ -207,6 +207,7 @@ iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download
 
 - ✅ **GitHub Actions**
 - ✅ **Azure Pipelines**
+- ✅ **CircleCI**
 
 ## GitHub Actions Example
 
@@ -239,4 +240,23 @@ iex "& { $(iwr 'https://github.com/AikidoSec/safe-chain/releases/latest/download
   displayName: "Install dependencies"
 ```
 
+## CircleCI Example
+
+```yaml
+version: 2.1
+jobs:
+  build:
+    docker:
+      - image: cimg/node:lts
+    steps:
+      - checkout
+      - run: |
+          curl -fsSL https://raw.githubusercontent.com/AikidoSec/safe-chain/main/install-scripts/install-safe-chain.sh | sh -s -- --ci
+      - run: npm ci
+workflows:
+  build_and_test:
+    jobs:
+      - build
+```
+
 After setup, all subsequent package manager commands in your CI pipeline will automatically be protected by Aikido Safe Chain's malware detection.

packages/safe-chain/src/shell-integration/setup-ci.js

@@ -157,6 +157,14 @@ function modifyPathForCi(shimsDir, binDir) {
     ui.writeInformation("##vso[task.prependpath]" + shimsDir);
     ui.writeInformation("##vso[task.prependpath]" + binDir);
   }
+
+  if (process.env.BASH_ENV) {
+    // In CircleCI, persisting PATH across steps is done by appending shell exports
+    // to the file referenced by BASH_ENV. CircleCI sources this file for 'run' each step.
+    const exportLine = `export PATH="${shimsDir}:${binDir}:$PATH"` + os.EOL;
+    fs.appendFileSync(process.env.BASH_ENV, exportLine, "utf-8");
+    ui.writeInformation(`Added shims directory to BASH_ENV for CircleCI.`);
+  }
 }
 
 function getToolsToSetup() {