CircleCI Ideas

Require manual approval to run fork PRs

A customer wants to manually approve every fork PR build before it gets run.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Oct 16 2017
  • Taking votes
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    10 Jun 16:05

    This is a very important use case for us too.


    Basically we have a open source project in github public, and we want to be able to build PRs before merging.

    The project includes terraform templates to create builds on public clouds.


    Right now we have to merge before we can build, which means we must merge PRs to validate that they don't break anything.


    If there was a manual approval in place, we could validate that circleci.yaml was not tampered to bleed secrets before building a "untrusted" PR. This is basically the same we need to do before merging a PR now, but with this improved flow we could test the code before ever merging.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    10 Jun 16:45

    +1 Very important to be able to run builds after validating that nothing has been tampered with.