We use cookies to understand how people use Depot.
← All Posts

Now available: CircleCI OIDC for Depot builds

Written by
kyle
Kyle Galbraith
Published on
7 September 2023
In addition to our existing GitHub Actions and Buildkite OIDC integrations via trust relationships, we now support CircleCI OIDC for Depot builds as well.
Now available: CircleCI OIDC for Depot builds banner

We're excited to announce that our integration with CircleCI just got even better! We have rolled out the ability to directly integrate with CircleCI OIDC via trust relationships.

You can now configure a trust relationship in Depot that allows your CircleCI jobs to access your project via a token exchange. So now, rather than having to embed a project token in your CircleCI environment, you can dynamically exchange tokens when your build runs to authenticate to your project from CircleCI.

How to use CircleCI OIDC

You need to configure a trust relationship for your Depot project to leverage this new functionality. To add a trust relationship for CircleCI, you can go through the following steps:

  1. Open your Project Details page by clicking on a project from your projects list
  2. Click the Settings button next to your project ID
  3. Click the Add trust relationship button
  4. Select CircleCI as the provider
  5. Enter your CircleCI organization UUID (this is found in your CircleCI organization settings)
  6. Enter your CircleCI project UUID (this is found in your CircleCI project settings)
  7. Click Add trust relationship

Note: CircleCI requires entering your organization and project UUID, not your organization's or project's friendly name.

Once the trust relationship is configured, you can use the depot CLI inside of your CircleCI jobs without any additional configuration in your job. See our CircleCI integration guide for common examples of depot build in your CircleCI jobs.

Conclusion

We're excited to continue making it easier and more secure to integrate Depot into your existing CI/CD workflows. The OIDC exchange eliminates the need to store static access tokens inside your CI provider. Instead, Depot can identify the CI job or workflow via a trust relationship tied to the project and issue short lived one-time build tokens.

Today, you can connect to your Depot projects via OIDC token exchanges from GitHub Actions, Buildkite, and now CircleCI.

Pop into our Community Discord and let us know what you think!

Your builds have never been this quick.
Start building