Skip to main content
The environment module detects the deployment context from environment variables, CI markers, and hostname patterns. The detected environment is used by the gate pipeline to adjust risk scores — production environments amplify risk while development environments reduce it.

Environment Enum

Classifies the deployment environment into one of four categories.

Import

from attesta.environment import Environment

Values

MemberValueRisk MultiplierDescription
PRODUCTION"production"1.5xLive production environment. Risk is amplified.
STAGING"staging"1.2xPre-production staging environment. Slight risk amplification.
CI"ci"1.0xContinuous integration environment. No risk adjustment.
DEVELOPMENT"development"0.8xLocal development environment. Risk is reduced.

detect_environment()

Auto-detect the deployment environment using a prioritized detection chain. The ATTESTA_ENV environment variable always takes precedence. Falls back to heuristic detection from CI markers, production variables, and hostname patterns.

Import

from attesta.environment import detect_environment

Signature

def detect_environment() -> Environment
Returns: The detected (or overridden) Environment.

Detection Order

Detection uses a first-match-wins strategy:
PriorityMethodDetails
1ATTESTA_ENV variableExplicit override. Set to production, staging, ci, or development.
2CI markersChecks CI, GITHUB_ACTIONS, GITLAB_CI, JENKINS_URL, CIRCLECI, TRAVIS, BUILDKITE.
3Production markersChecks NODE_ENV=production, FLASK_ENV=production, DJANGO_SETTINGS_MODULE containing prod, RAILS_ENV=production.
4Hostname patternsMatches prod-*, prod.* for production; stg-*, stg.*, staging-*, staging.* for staging.
5DefaultReturns Environment.DEVELOPMENT.

Example

from attesta.environment import detect_environment

env = detect_environment()
print(env)        # Environment.DEVELOPMENT (on a local machine)
print(env.value)  # "development"

RISK_MULTIPLIERS

A dictionary mapping environment values to risk score multipliers. Used by the gate pipeline to adjust raw risk scores based on the operational context.

Import

from attesta.environment import RISK_MULTIPLIERS

Values

RISK_MULTIPLIERS = {
    "production": 1.5,
    "staging": 1.2,
    "ci": 1.0,
    "development": 0.8,
}

Usage

from attesta.environment import detect_environment, RISK_MULTIPLIERS

env = detect_environment()
multiplier = RISK_MULTIPLIERS[env.value]

raw_score = 0.45
adjusted_score = min(1.0, raw_score * multiplier)
print(f"Environment: {env.value}, Multiplier: {multiplier}, Adjusted: {adjusted_score}")
# Development: 0.45 * 0.8 = 0.36
# Production:  0.45 * 1.5 = 0.675

Overriding the Environment

Via Environment Variable

Set the ATTESTA_ENV variable to force a specific environment regardless of auto-detection: 
# Force production environment
export ATTESTA_ENV=production

# Force development environment
export ATTESTA_ENV=development

Via the @gate Decorator

Override the environment per-gate using the environment parameter: 
from attesta import gate

@gate(environment="production")
def deploy(service: str) -> str:
    """Always treated as production, regardless of actual environment."""
    return f"Deployed {service}"

Via attesta.yaml

Set a default environment in the configuration file:
attesta.yaml
policy:
  default_environment: production
In CI pipelines, the CI environment variable is typically set automatically. Attesta will detect this and apply a 1.0x multiplier (no adjustment). If you want CI to be treated like production for risk scoring, set ATTESTA_ENV=production in your CI configuration.

Risk Scoring

How environment multipliers affect the final risk score

Configuration

Set default environment in attesta.yaml