[PhilipA]

The hosted CI solutions like CircleCI looks good, but letting them control my code and do the deployment, really requires quite a bit of trust. It is another chain who can have a security breach, which could let intruders have access to my code.

[fredsters_s]

Like with all these things it's a trade-off. If security is important to you above everything else, then yeah, host it yourself and spend the extra time. But this is true for only a tiny % of startups.

Also, you're assuming that you're better able to secure this stuff than they are. Which doesn't seem obvious to me.

[grosskur]

There's also Buildbox, which is a hosted CI engine and web interface. It uses agents that you run and control yourself:

https://buildbox.io/

[PhilipA]

Thanks, will look into it!