I've made a new CI engine that lets me run CI on untrusted code without having to worry. I call it Ambient, and it's quite awful to use, but works for me. The web site is also quite horrifyingly ugly. I'm a hacker, I don't understand marketing.
Not sure if Ambient is of much interest to anyone else, but I would welcome help in making it nicer. There's a lot of low hanging fruit, I'm sure.
Ambient runs the CI project in a virtual machine, under qemu-system,
without network access. The CI run has limits on CPU cores, RAM, disk
space, and run time it can use. The limits are set by the person
running Ambient, not by the project. On my Framework laptop it takes
about four seconds to run a dummy CI project that just runs echo
hello world.
Current status is that it's my personal CI system. I build all my web
sites using it, and build and test all my personal projects with it. I
also build and publish Debian packages for some of my software, using
Ambient. However, as I'm very lazy, I will happily read binary log
files with less if it saves me from having to implement a better run
log.
(In case it matters: the code is in Rust and is licensed under GNU GPL v3 or later. There is no actual release yet, but you can install it from the source tree.)