Allow to use third-party orbs by white list
complete
Oran Wilder
complete
Config Policies are now generally available for Scale plan in Cloud and Server 4.2+, enabling org admins to allow or disallow orbs by namespace and orb name.
Oran Wilder
The ability to allow specific orbs by name or namespace is now supported through our Config Policy Management feature, currently in open preview for Scale customers. Learn how to try it out: https://circleci.com/docs/config-policy-management-overview/
T
Thuen Andreas
Any news on when this will be available?
Oran Wilder
in progress
Namespace-based orb policies are in progress.
Oran Wilder
under review
Options for allowing orbs by namespace or by individual orb name are under review for second half of 2022.
Oran Wilder
Merged in a post:
Allow Whitelist for 3rd party Orbs
J
Jonathan Fontaine
There is currently a control to allow or disallow 3rd party orbs. While this is ok, I would like the granularity control to introduce cleared and reviewed Orbs to my repo population to avoid unintentional introductions, vulnerabilities or issues.
CCI-I-1161
K
Kelly Setzer
This would be a nice feature along with CCI-I-606.
D
Dominik K
Hi. There's already a ticket for it: https://ideas.circleci.com/ideas/CCI-I-687 May you add your vote there, as well, please?
D
Dominik K
@Nathan:Another option would be that we can whitelist a private orb registry: https://ideas.circleci.com/ideas/CCI-I-819
D
Dominik K
@Nathan:Exactly. Whitelisting a whole orb namespace would also be nice. That way we could only allow our own company orb namespace. Would be a perfect fit when this namespace is private, as well (see https://ideas.circleci.com/ideas/CCI-I-606).
Load More
→