Trigger a pipeline as a specific user (not the owner of the session token or access token)
As a secure way to trigger a pipeline as a specific person: Users want to trigger a pipeline outside CircleCI Currently personal API tokens are needed to trigger a pipeline through the API. Asking each user to feed CircleCI token is not feasible; it heavily degrades system security. Use of a token for a machine user is not ideal, because API calls will be authenticated as the machine user, making it impossible to distinguish who triggered which pipeline on CircleCI. There is a need of consideration that inappropriate impersonation can happen; therefore accepting federated tokens is more favourable."
API authentication with federated tokens, not personal access tokens
As a secure way to trigger a pipeline as a specific person. Related to the request below (Trigger a pipeline as a specific user): Users want to trigger a pipeline outside CircleCI Currently, personal API tokens are needed to trigger a pipeline through the API. Asking each user to feed the CircleCI token is not feasible; it heavily degrades system security. Use of a token for a machine user is not ideal, because API calls will be authenticated as the machine user, making it impossible to distinguish who triggered which pipeline on CircleCI. Federated tokens solve the challenge: Accept federated tokens issued by some party in API calls. Then API calls will be authenticated as the subject of the token. The external app needs to think about a secure way to obtain the federated token, but that shouldn't be a difficult issue
Support GPU in Server
It is currently not possible to run GPU builds on Server: > It is not possible to run a GPU build on a server instance. > https://circleci.com/docs/executor-intro/#gpu This feature request is to introduce GPU resources for users on CircleCI Enterprise Server 4.x and up.
Allow custom HTML announcement banner in Server
We would like the ability to place a customized HTML banner on specific pages on Server. CCI-I-1191
Manual job triggering with override parameters.
Would like the ability to trigger jobs manually where the job supports the ability to enter values to override the default values. This is especially important for Release job support and deployments to Staging/UAT/Release environments.
[Server] Orb Registry UI for non-admin users in Server 4+
This feature request is to introduce a UI similar to our developer hub on cloud for users on server to see which orbs have been imported by their CircleCI Server Admins. In cloud, users can navigate to the developer hub to see all available orbs. > https://circleci.com/developer/orbs In Server, admins can import their orbs which are not visible to the users who are not admins. This leaves non-admins users unable to see which orbs have been imported into their enterprise environment.
Add Support for Bitbucket Server
Add support for integrating CircleCI Server with Bitbucket Server and Datacenter.
Support scheduled pipelines on CircleCI server
Currently CircleCI server does not support scheduled pipelines. This feature request is to have this feature available on CircleCI server.
Server 4.x documentation on setting storage retention policy
Server 2.x had a document on setting lifecycle policy and that helped to keep the s3 and storage cost low with deleting unnecessary data. However server 3.x and 4.x did not have these documentation and it would be greatly appreciated if there is a guide to set these. Also we are not sure what the object prefix is for job artifacts. It seems S3 prefix filtering also doesn't work with wildcard patterns, https://repost.aws/questions/QU0ssGaRmOQTCvPj0O0w6Cug/questions/QU0ssGaRmOQTCvPj0O0w6Cug/does-s3-filtering-allow-wildcards-for-prefixes-in-sqs-event-notifications , so we cant express say /artifacts/picard/* /artifacts/ .
Force-cancel workflow on Server UI
We had some very old jobs stuck in "queued" state for months, which were clearly never going to run. These jobs were not present on any nomad nodes, but could be seen via the API and the web UI. When I asked support how to get rid of them, they gave me instructions for how to use kubectl exec to log into a frontend pod and use the REPL to run circle.http.api.admin-commands/force-cancel-build on each job. That worked, but there should be a button on the frontend web UI to do the same thing. Jobs on Server can get lost into this kind of zombie state, and it's not practical to expect people to run a REPL directly on the frontend pod to clear them out - and it's also more risky to do so.