# CircleCI

### Common Build Integration Documentation

This documentation is specific to CircleCI. [Common build server](/integrations/build-integrations.md) documentation should be reviewed before proceeding further. 

### Environment Variables

Environment variable values can be found in your [user profile](/threat-center-1/user-profile.md).

* THREATRIX\_OID - Your organization ID.
* THREATRIX\_EID - Your entityID (if you wish to override your default).
* THREATRIX\_API\_KEY - Personal or organization API key.

### Install Environment Variables

{% hint style="warning" %}
This step may require administrative privileges within CircleCI
{% endhint %}

From within CircleCI navigate to "Organization Settings->Contexts"

<figure><img src="/files/bLgoDpCZJun2A7cVT1cQ" alt=""><figcaption></figcaption></figure>

Click the Create Context button and create a new Context named "Threatrix"

<figure><img src="/files/BZn363f3cfsxun0byDeI" alt=""><figcaption></figcaption></figure>

After creating the context, click on the name to add environment variables to the context.&#x20;

<figure><img src="/files/FHewfAhhNS6aq3CbAu03" alt=""><figcaption></figcaption></figure>

From within the Add Environment Variable dialog, enter the necessary variable values.

* THREATRIX\_OID - Your organization ID.
* THREATRIX\_EID - Your entityID (if you wish to override your default).
* THREATRIX\_API\_KEY - Personal or organization API key.

![](/files/-Mj1ivZuQ0d6E6m2aF26)

## Add the Threatrix Agent to your build server.&#x20;

First,Add threatrix context to your job

<figure><img src="/files/zmZWW5GMemwguJqHdKYT" alt=""><figcaption></figcaption></figure>

### Option 1: Add CLI Threat Agent

From within your SCM repository, add the following snippet to your .circleci/config.yml file or download a full example here:&#x20;

{% file src="/files/xstHcHxOz27f5yUp8NBW" %}
config.yml
{% endfile %}

```yaml
# Execute Threat Scan
- run:
    name: Install Threatrix ThreatAgent & Scan
    command: |
        curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar
        java -jar /tmp/threatagent.jar --progress
        
```

### Option 2: Add Docker Threat Agent Step to your build

{% hint style="warning" %}
**Prerequisite: In order to use our Docker image, your build executor must be of type `machine` otherwise, we'll be unable to create the necessary Docker volume**
{% endhint %}

<figure><img src="/files/OQrr4FYa8Xq0RUuzKHAs" alt=""><figcaption></figcaption></figure>

Add the following code snippet as a step to your existing build job. The threatrix scan agent should run either before or in parallel with your build job.

```
- run:
    name: Threatrix Scan
    command: |
        printenv > host.env
        docker run -v $(pwd):/app --env-file=host.env threatrix/threat-agent ./
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.threatrix.io/integrations/build-integrations/circleci.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.