Igor Zalutski

[RFC] Encrypt plan artifacts at rest

1

Currently plan files persisted in workplace artifacts in GitHub are not encrypted (see #817). This is a security concern because plan artifacts contain a snapshot of state, which can contain...

Currently, the only officially supported compute backend in Digger is GitHub Actions. A few people managed to make it work with GitLab and Jenkins, but that's most likely with an...

[RFC] Checking .terraform.lock.hcl for allowed providers

1

Currently Digger supports only 2 types of policies: - Plan policy (that's checking plan output) - Access policy (that's checking who can do what, e.g. whether or not an Apply...

## Why is this needed? Currently, Digger orchestrator can only dispatch jobs to the CI backend (e.g. Actions) in a "push" fashion. With Actions, it calls the `.../{workflow_id}/dispatches` endpoint directly....

Remove isNonEmptyPlan from the Plan() method of the Executor interface

2

We no longer use it; in #1028 we switched to parsing actual plan output json to determine whether or not it's empty So the is confusing ``` type Executor interface...

Readability / maintainability could be improved if we wrap async operations like locking into standard abstractions like Result, Future, etc. One such library is [samber/mo](https://github.com/samber/mo); there are probably others. Unknown:...

It was listed here: https://docs.digger.dev/howto/workspaces Removed as it is not supported at the moment Consider re-introducing

Bad UX; the user has to un-collapse to see which project the comment is for