Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Is there any built-in way to restrict build images that can be used in a workspace?

Jonathan Joseph
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 12, 2023

It'll be a big security concern for our team if a dev is able to reference any public docker image for their builds.

Is there any built-in way to restrict which ones can be used? If not, is there anything on the roadmap for such a feature?

1 answer

1 accepted

0 votes
Answer accepted
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 15, 2023

Hi Jonathan and welcome to the community.

I'm afraid that there is no way to restrict the Docker images that can be used as a build container in Pipelines and such a feature is not in our roadmap at the moment.

I can create a feature request in our issue tracker, so we can gather interest in such a feature, would you like me to proceed with that? I assume you are looking for a way to restrict this via the Repository settings which are available to admins only? A restriction configured in the yml file could always be overwritten by a developer by simply editing the yml file in the branch they are working on.

Kind regards,
Theodora

Jonathan Joseph
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 17, 2023

Hi Theodora,
Yes, please create that ticket for me and keep me updated. And like you mentioned it would be best if it was done via Repository or Workspace settings. 

 

Thank you

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 31, 2023

Hi Jonathan,

I went ahead and created a feature request in our issue tracker:

Please make sure to add your vote (by selecting the Vote for this issue link) as the number of votes helps the development team and product managers better understand the demand for new features. You are more than welcome to leave any feedback, and you can also add yourself as a watcher (by selecting the Start watching this issue link) if you'd like to get notified via email on updates.

Implementation of new features is done as per our policy here and any updates will be posted in the feature request.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events