sakkmesterke - stock.adobe.com

CircleCI orbs go private for DevOps teams

CircleCI has released new functionality that enables developers to build CircleCI orb configuration packages that run only in their private enterprise environment.

CircleCI has introduced a new version of its orb concept for developers and DevOps teams that will increase control, protection and privacy of their configuration packages.

CircleCI orbs are reusable bundles of YAML configuration that enable developers to automate repeated processes. However, now the company has introduced private orbs that give development teams the ability to share their configuration packages exclusively within their organization, said Tom Trahan, vice president of business development at CircleCI, in an interview.

Close to home

Large enterprises unintentionally duplicate work because there is no convenient or central way to publish sharable components, and private orbs will let them do that as it pertains to CircleCI, said Chris Condo, an analyst at Forrester Research.

"I'd look at it as specific form of inner sourcing that enables enterprises to create reusable and discoverable private orbs," he added.

CircleCI orbs in general help to accelerate project setup for users and have integrations for a variety of use cases, from vulnerability scanning to test coverage of applications.

"Developers have asked the team at CircleCI to provide them with a way to privately share configuration across multiple projects, exclusive to their organization," said Stella Kim, a senior software engineer at CircleCI, in a blog post.

Private orbs will benefit any CircleCI customer that uses orbs but needs to keep elements of their build process or processes private.
KellyAnn FitzpatrickAnalyst, RedMonk

An eye on industries

Private orbs could be especially useful for companies in regulated industries that have heavy compliance issues such as healthcare and finance, Trahan said.

CircleCI private orbs "provide the tools that will allow everyone to get their work done quickly and competently, but also done in compliance with the security requirements and management agreements that an organization must answer for," Trahan said.

The ability to keep specific orbs internal to an organization is important when the information they hold involves proprietary technologies or intellectual property that needs to stay in-house, said KellyAnn Fitzpatrick, an analyst at RedMonk in Portland, Maine.

"Private orbs will benefit any CircleCI customer that uses orbs but needs to keep elements of their build process or processes private, and may enable customers to use orbs in ways that they could not do so previously," Fitzpatrick said.

CircleCI orb registry blossoms

CircleCI introduced orbs in 2018 as a way to package and share configuration information to help developers simplify their development process and speed up their time to production. Since then, more than 2,000 orbs have been created and more than 10,000 different organizations are using them on a monthly basis, and they have been integrated into nearly 18 million CI/CD pipelines, Trahan said.

CircleCI makes the public orbs available on the CircleCI Orb Registry. These orbs are often used to integrate with other tools and technologies such as a cloud provider command-line interface (CLI) or an artifact registry, Fitzpatrick said.

Meanwhile, all available private orbs will be easily accessible for developers across the same organization via CircleCI's CLI.

CircleCI competes with other SaaS continuous integration vendors such as Codefresh, CloudBees and Travis CI. Each vendor has a different approach to reusable components.

Dig Deeper on Software development lifecycle