Add guide to managing a url orb allow list #9413

yaningo · 2025-05-30T15:48:25Z

Description

Documenting how to manage URL orb allow-lists.

Reasons

This is a new feature.

Content Checklist

Please follow our style when contributing to CircleCI docs. Our style guide is here: https://circleci.com/docs/style/style-guide-overview.

Please take a moment to check through the following items when submitting your PR (this is just a guide so will not be relevant for all PRs) 😸:

Break up walls of text by adding paragraph breaks.
Consider if the content could benefit from more structure, such as lists or tables, to make it easier to consume.
Keep the title between 20 and 70 characters.
Consider whether the content would benefit from more subsections (h2-h6 headings) to make it easier to consume.
Check all headings h1-h6 are in sentence case (only first letter is capitalized).
Is there a "Next steps" section at the end of the page giving the reader a clear path to what to read next?
Include relevant backlinks to other CircleCI docs/pages.

jekyll/_cci2/url-orbs.adoc

gordonsyme · 2025-06-03T10:10:36Z

I think it would be useful to add a short "how to" section. E.g. if you want to use an orb in a public GitHub repo you need to set the allow-list entry up with the none auth-type.

If you want to use an orb in a private GitHub repo you need to use either github-oauth or github-app.

If a single organisation wants to use orbs from public and private repos it needs to set both entries up, this can mean you have the same URL prefix in the allow-list twice, but with different auth.

Things that might be relevant for the "how to":

When you should use github-app vs github-oauth for auth. Answer: always prefer github-app unless you don't have CircleCI's GitHub App set up.
How to work out the URL to use when you host an orb on GitHub. E.g. if the file is orbs/my-orb.yaml in a repo called my-org/my-orbs-repo then you need to use https://raw.githubusercontent.com/my-org/my-orbs-repo/refs/heads/main/orbs/my-orb.yaml. If you want to use a specific commit sha for the orb content the URL looks a bit different again. You can get these from clicking the Raw button when looking at a file on github.com at least.
Same thing, but for Bitbucket.
Using both public and private GitHub repos to host URL orbs

* Adding `override-with` key to config reference (#9370) * Adding new key paragraph to config reference * Implementing review suggestions * Intro URL orbs (#9405) * add sections to introduce url orbs * Update jekyll/_cci2/orb-intro.adoc * Adding `override-with` key to config reference (#9370) * Adding new key paragraph to config reference * Implementing review suggestions --------- Co-authored-by: Yann D. <yaningo@users.noreply.github.com> * How to override a job (#9407) * scaffolding for simple example done. * some formatting updates * structural changes and corrections * fixes * Adding `override-with` key to config reference (#9370) * Adding new key paragraph to config reference * Implementing review suggestions * updates from review * update syntax and add note to update URL * fix link and typo --------- Co-authored-by: Yann D. <yaningo@users.noreply.github.com> * Orb authoring guides updates (#9416) * combine orb author guides and mention URL orbs * fix links * Add guide to managing a url orb allow list (#9413) * Creating URL orb related how-to page * Completing and improving page content * Implementing review suggestions * Addressing review comments * Adding note for screenshots * add screenshots --------- Co-authored-by: Rosie Yohannan <rosie@circleci.com> * update links from how to guide * fix some lint errors * create real links to API docs in manage allow-list page --------- Co-authored-by: Yann D. <yaningo@users.noreply.github.com>

yaningo added 2 commits May 28, 2025 16:15

Creating URL orb related how-to page

45b9a0e

Completing and improving page content

cfff873

yaningo requested review from a team as code owners May 30, 2025 15:48

yaningo requested a review from gordonsyme May 30, 2025 16:24

briceicle reviewed May 30, 2025

View reviewed changes