[Esophagus4]

Oh man, what could go wrong.

Edit: to be clear for anyone reading, don’t do this, it’s a really bad idea. You need to patch your stuff, even behind a VPN. If you’re unsure, just google: “examples of security breaches of unpatched software behind VPNs”

[WestCoader]

Yeah I literally work on that side of things, Platform/etc. Managing GHE, CI across so many CI platforms over the past almost two decades, etc. It's a disaster thinking you can "just spin up X". Sure, if you're a two person operation, but scale becomes a factor real fast. Too many people on HN are giving away they have little to no experience. And I'm the one that made the initial comment in this thread, lol. It's frustrating, but I don't want to go back to "managing build agents" and the control plane (aka whatever your central Git Host is) for everything and all jobs, etc. That's a pain in the ass and 90% of environments have no fucking clue how to maintain that shit.

If someone wants to pay me to do lead such an effort, I'd do it, and yes, it'll all be done and managed in code, and it will be done better than 90% of folks could do (I've seen the production build systems most environments have built, some big names too, and they're trash...in no small part because it's simply hard to do), but it'll take a while to smooth the experience out for all of your requirements. You're gonna be paying, and very well, for a while.