sofixa 5 hours ago

Depending on how many thousands of $ per year, it would probably be cheaper and more reliable to self-host GitLab. It's better in terms of organisational structure (you can have one, including access and secret inheritance), and (personal view) GitLab CI is better than GitHub Actions because it doesn't push you towards a JavaScript/NPM style dependency hell. And it's actually fairly easy to self-host, with options from a single machine with an omnibus package that handles everything to a full-blown autoscaling Kubernetes deployment.

hsbauauvhabzb 5 hours ago | parent [-]

Sounds good until you see their cvedetails page

lazystone 4 hours ago | parent | next [-]

Hide it behind VPN, so it's not accessible from outside.

PunchyHamster 3 hours ago | parent | prev | next [-]

When you own it you can just limit it to VPN-ed company users, that significantly cuts down on the area that can be hit.

sofixa 5 hours ago | parent | prev [-]

I mean, the GitHub Actions supply chain risks and attacks definitely compensate for any GitLab security vulnerabilities you can think of.
