Hello, you can put something like the following snippet in a plugin or an init script:
// ONLY USE COPORATE REPO FOR DEPENDENCIES
def coporateRepoUrl = "http://repo.gradle.org/gradle/repo"
repositories {
all { ArtifactRepository repo ->
if (!(repo instanceof MavenArtifactRepository) || repo.url.toString() != coporateRepoUrl) {
project.logger.warn "Repository ${repo.url} removed. Only $coporateRepoUrl is allowed"
remove repo
}
}
maven { url coporateRepoUrl }
}
Having this in an init script that is just added to your CI machine would allow your devs to try some things out and define custom repositories in their working copy, but your CI would only use the trusted repository you defined in your init script