Make this a first-party rather than third-party orb? #81

Open
cjcjameson opened this issue Jun 1, 2022 · 3 comments
@cjcjameson

Is your feature request related to a problem? Please describe.

My organization is security-sensitive and the one-liner at line 48 for the actual execution is really hard to audit.

I want to include this in our pipeline to mutex AWS deployments, but will need admin approval. Not sure if we can justify it.

Describe the solution you'd like

I'd like circleci-queue to be part of the core CircleCI product so I don't have to ask for permission.

Describe alternatives you've considered

  • Looking for other orbs
  • Copy-Pasta the contents of your orb into our yaml (with attribution somehow? TBD)


@eddiewebb
Owner

Hey there!

I totally appreciate your concern. I'm not sure if circle wants to adopt this, but I'm also pushing native platform level queuing. Trust me, I get it😅

You're more than welcome to copy paste; you could use dynamic config to pull it in from another file, or the CLI to grab mine live. You can also fork it and publish as a private orb.

I realize all those options have their own caveats/concerns, thanks for raising the need.

@cjcjameson
Author

cjcjameson commented Jun 7, 2022

@eddiewebb hokay! So even without formally making it part of the project, can you at least get it "certified"? My security team / Circle maintainers say that's all that would be needed.

On https://circleci.com/docs/2.0/orbs-faq/#using-uncertified-orbs it says:

Note: Uncertified orbs are not tested or verified by CircleCI. Currently, only orbs created by CircleCI are considered certified. Any other orbs, including partner orbs, are not certified.

So, maybe this is a good one to get certified, and hopefully it's an easy lift organizationally?

@eddiewebb
Owner

Another thought (though likely too late for @cjcjameson, maybe others have a similar need).

A new feature of CircleCI allows org admins to audit and approve specific orbs to be used in configurations. Rules can be global or applied to specific projects. This can be at orb level, or pin version to major, minor, patch.

https://circleci.com/docs/config-policy-management-overview/
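
The approval rules described in the last comment (orb-level approval, or a pin to a major, minor or patch version) can be mirrored as a local check on a config file. This is an added example, not part of the thread and not CircleCI's config policy feature; the orb names, the allowlist and the sample config are constructed, and it assumes orbs are imported as `alias: namespace/name@version` lines in the top-level `orbs:` block.

```python
import re

# Constructed allowlist for illustration. Value = approved version prefix:
# "1" pins the major, "1.2" the minor, "1.2.3" the patch, None = orb-level approval.
APPROVED = {
    "example-ns/queue": "1.2",
    "example-ns/aws": None,
    "example-ns/tools": "2.5",
}

# Constructed sample of a .circleci/config.yml (orb names are placeholders).
SAMPLE_CONFIG = """\
version: 2.1
orbs:
  queue: example-ns/queue@1.2.3
  aws: example-ns/aws@4
  slack: other-ns/slack@volatile
  tools: example-ns/tools@2
jobs:
  deploy: {}
"""

ORB_REF = re.compile(r"^\s+([\w-]+):\s*['\"]?([\w-]+/[\w-]+)@([^\s'\"#]+)")

def orb_refs(config_text):
    """Yield (alias, orb, version) for imports in the top-level `orbs:` block."""
    in_orbs = False
    for line in config_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():          # a new top-level key starts here
            in_orbs = line.startswith("orbs:")
        elif in_orbs and (m := ORB_REF.match(line)):
            yield m.groups()

def audit(config_text, approved=APPROVED):
    """Return (reference, reason) for every orb import outside the allowlist."""
    findings = []
    for _alias, orb, version in orb_refs(config_text):
        ref = f"{orb}@{version}"
        if orb not in approved:
            findings.append((ref, "orb not approved"))
        elif approved[orb] is not None:
            pin = approved[orb].split(".")
            # A floating ref such as "2" may resolve outside an approved "2.5".
            if version.split(".")[:len(pin)] != pin:
                findings.append((ref, f"outside approved version {approved[orb]}"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags the unapproved `other-ns/slack@volatile` import and the floating `example-ns/tools@2` reference, which is looser than the approved `2.5` pin.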
