Feature Requests

Tell us what you'd like to see added to CircleCI.

Enforce Context-Based Access Controls on CircleCI Runners

Summary We request an enhancement to CircleCI’s access control mechanisms to ensure that workflows executing on specific runners (e.g., production, staging, or other critical environments) are explicitly linked to a CircleCI Context that enforces security policies. This will prevent unauthorized deployments across all environments. Problem Statement Currently, a job configured with a non-restricted context (e.g., staging) can still execute on a runner assigned to a restricted environment by specifying its resource_class. This means: A workflow without proper approval can inadvertently trigger deployments in restricted environments. Context restrictions do not prevent execution on a runner with elevated access. -While deployment failures may occur due to missing credentials or other access barriers, the ability to attempt unauthorized deployments remains a security risk. Proposed Solution CircleCI should implement a stricter enforcement mechanism that ensures: Runner-Level Context Enforcement: Runners designated for specific environments (e.g., production, staging) should be restricted to workflows explicitly using a designated CircleCI Context with appropriate access controls. Security Group Validation: Only users in an authorized security group (e.g., Environment-Deployers) should be able to trigger workflows that execute on restricted runners. Blocking Unauthorized Execution: If a job specifies a restricted runner but does not meet approval requirements, the workflow should fail early with a clear security violation message. Steps to Replicate Current Issue Configure a CircleCI job with a non-restricted context (e.g., staging). Set the job’s resource_class to a runner designated for a restricted environment. Push a commit to trigger the job in CircleCI. Observe that a deployment attempt occurs in the restricted environment despite lacking approval from the expected security group. Deployment may fail due to missing credentials, but unauthorized workflows still reach restricted environments. Expected Behavior If a job specifies a restricted runner, it should be required to use the appropriate CircleCI Context. Only authorized users in the relevant security group should be able to trigger workflows on such runners. Unauthorized workflows should be blocked before execution, preventing unauthorized access to sensitive environments. This feature would strengthen security controls, prevent unintended deployments, and align CircleCI’s access model with best practices for environment separation. Let us know if additional details or clarifications are needed. We appreciate your consideration!

Dark Mode

Like most engineers, I prefer to use a dark UI. CCI-I-930

Allow triggering multiple pipelines for PRs with the same SHA

Allow the option to trigger more than one pipeline where the SHA matches that of a prior pull request. This would allow more flexibility around triggering pipelines for some use cases.

Allow for multiple "default" branches when "Only build pull requests"

We use the "Only build pull requests" option to reduce our CI overhead, but we also have release/ branches that we treat as "default" branches. We currently have to rely on a GitHub Action to trigger a pipeline build for those branches, but being able to configure the Project in Circle by providing a branch naming pattern for "default" branches would simplify things.

Allow email notifications on builds I'm the author of

Currently, email notifications can be configured for either "All Builds in My Projects", "My Branches" or "None". It would be very useful to have an option to receive email notifications only for builds I'm the author of, i.e. "My Commits" rather than "My Branches".

under review

Ability to delete project

It would be great to allow users (depending on permissions) to delete the projects themselves. This is currently not available on the UI and on the API (see https://circleci.com/docs/api/v2/index.html#tag/Project ). See a previous Discuss post here: https://discuss.circleci.com/t/add-ability-to-delete-a-project-from-circleci/936/12 In addition, I wonder if this feature may be something the system offers under privacy.circleci.com .

Carbon Footprint Calculator

Provide a tool to calculate carbon footprint for an organisation's use of CircleCI. This will allow organisations to gauge their moral responsibility.

Cache Docker images on Docker executor

Currently, DLC only applies to the actual building of Docker images within jobs. It'd be nice to enable DLC for the actual spin up of environment Docker images, since those tend to vary wildly from just a few seconds to a few minutes. Enabling DLC will allow for consistently fast spinup of environment. CCI-I-1004

save_cache should be backgroundable

It's useful that run steps can be set to background: true but this doesn't work for save_cache steps which can take up to 30 seconds in my experience. These don't need to hold up the rest of the run and would make my whole process a lot faster (as I have 4 save_cache calls) CCI-I-1226

[UX/UI] Filter by workflow

Currently it is possible to view jobs and workflows by branch but you can not specify further to show individual workflows. Users with multiple workflows may have trouble finding certain jobs that run less often when there may be many commits being made.An example would be a project (on any branch) with a workflow that runs per-commit and a secondary workflow that runs once per week. There would currently be no way to exclusively view the scheduled weekly workflow. CCI-I-757

→