57
Allow to use third-party orbs by white list
in progress
Oran Bartell
The ability to allow specific orbs by name or namespace is now supported through our Config Policy Management feature, currently in open preview for Scale customers. Learn how to try it out: https://circleci.com/docs/config-policy-management-overview/
T
Thuen Andreas
Any news on when this will be available?
Oran Bartell
in progress
Namespace-based orb policies are in progress.
Oran Bartell
under review
Options for allowing orbs by namespace or by individual orb name are under review for second half of 2022.
Oran Bartell
Merged in a post:
Allow Whitelist for 3rd party Orbs
J
Jonathan Fontaine
There is currently a control to allow or disallow 3rd party orbs. While this is ok, I would like the granularity control to introduce cleared and reviewed Orbs to my repo population to avoid unintentional introductions, vulnerabilities or issues.
CCI-I-1161
K
Kelly Setzer
This would be a nice feature along with CCI-I-606.
D
Dominik K
Hi. There's already a ticket for it: https://ideas.circleci.com/ideas/CCI-I-687 May you add your vote there, as well, please?
D
Dominik K
@Nathan:Another option would be that we can whitelist a private orb registry: https://ideas.circleci.com/ideas/CCI-I-819
D
Dominik K
@Nathan:Exactly. Whitelisting a whole orb namespace would also be nice. That way we could only allow our own company orb namespace. Would be a perfect fit when this namespace is private, as well (see https://ideas.circleci.com/ideas/CCI-I-606).
S
Shoma shoma
In my case, we wish to allow set of orbs by developer name. The fine grained control is more better, both welcome.
Load More
→