Public Build Security on PRs


Are there plans to offer functionality that allows us to control whether or not builds can be triggered by pull requests that are from “untrusted users?”

Here is our scenario. We are using Buildkite as a replacement for TravisCI/AppVeyor to run pull request verification tests. The test definitions are kept in a YAML file that is dynamically loaded using the buildkite-agent. We’re concerned that a malicious user could open up a pull request and modify the YAML in a malicious manner.

We’re hoping there could be a way we could “quarantine” those builds until the pull request could be reviewed by a trusted user.


There is already an option the pipeline settings to not start builds when the PR comes from a fork:

Build pull requests from third-party forked repositories . Creates builds for pull requests from third-party forks.

You could just leave that disabled, so you wouldn’t automatically kick off builds for third-party changes to your repo.


Im aware of that setting, but that doesnt meet my requirments. I need to allow builds to be (or not to be) triggered based on the github user, regardless of whether or not they are on a fork.