Outside a Config File: Project Settings

Outside a Config File

Project Settings

Security

Review project settings to ensure they are set correctly. This can be done via the UI or the API.

Confirm that the following Advanced settings are toggled off unless needed for your use case:

  • Build forked pull requests
  • Pass secrets to builds from forked pull requests

Confirm that the following API-only project settings are toggled on unless not needed for your use case:

  • disable-ssh
  • write-settings-requires-admin

Confirm no unexpected SSH keys, project API tokens, or integrations are present.
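The toggle checks above, expressed as an added example (not CircleCI's own code): a Python function that audits an exported project-settings JSON document against the recommended states. The key names and the `advanced` wrapper are assumptions about the export format, and the sample document is constructed.

```python
import json

# Expected values from the checklist above. Key names are assumptions about
# how an exported settings document labels each option.
EXPECTED = {
    "build_fork_prs": False,                 # Build forked pull requests
    "forks_receive_secret_env_vars": False,  # Pass secrets to builds from forked PRs
    "disable_ssh": True,
    "write_settings_requires_admin": True,
}

def audit_settings(doc, exceptions=()):
    """Return a list of (setting, problem) findings for one project.

    `exceptions` names settings the team has knowingly left in the
    non-recommended state ("unless needed for your use case").
    """
    raw = doc.get("advanced", doc)
    # Accept both hyphenated and underscored key spellings.
    advanced = {k.replace("-", "_"): v for k, v in raw.items()}
    findings = []
    for key, want in EXPECTED.items():
        if key in exceptions:
            continue
        if key not in advanced:
            # A missing key is reported rather than assumed safe.
            findings.append((key, "missing from export"))
        elif advanced[key] is not want:
            findings.append((key, f"is {advanced[key]!r}, expected {want!r}"))
    # Secrets only reach fork builds when fork builds run at all, so the
    # combination is flagged on its own, regardless of exceptions.
    if (advanced.get("build_fork_prs") is True
            and advanced.get("forks_receive_secret_env_vars") is True):
        findings.append(("fork_secret_exposure",
                         "fork PR builds run with project secrets"))
    return findings

# Constructed sample export, not real project data.
SAMPLE = json.loads("""
{"advanced": {"build_fork_prs": true,
              "forks_receive_secret_env_vars": true,
              "disable-ssh": false}}
""")

if __name__ == "__main__":
    for setting, problem in audit_settings(SAMPLE, exceptions=("build_fork_prs",)):
        print(f"{setting}: {problem}")
```

Running the same function across every project's export gives a quick list of projects that deviate from the checklist and need a documented exception.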

Non-security

Review project settings to see if any options would be helpful with your use case. Helpful options include:

  • Only build pull requests
  • Auto-cancel redundant workflows
  • Enable dynamic config using setup workflows
  • GitHub Status Updates

Review current triggers to ensure scheduled pipelines are running at the correct times. If there are no scheduled pipelines, consider implementing one.

Review available integrations and see if any can be implemented to improve user experience.

Review current webhooks to ensure they are being consumed appropriately. If webhooks aren’t being used, consider implementing them.

