Raxx · internal docs

internal · gated

CI Migration Candidates — Financial and Licensing Research

Status: research-only. This document does NOT constitute legal or tax advice. Before signing any vendor contract or making entity-level financial commitments, consult a technology contracts attorney and/or CPA licensed in Pennsylvania. Last updated: 2026-05-13 UTC. Sources as of that date — verify freshness before acting.

Companion to: docs/architecture/ci-migration-candidates-2026-05-13.md (architect's filtering) Responds to architect open questions: Sections 7.1, 7.2, 7.3 Related issues: #726, #728, #1595 Decision gate: Operator review of both docs together. No migration before 2026-05-23 launch.

TL;DR (3 sentences)

Cirrus CI is a hard disqualification: it shuts down June 1, 2026 after OpenAI's acquisition of Cirrus Labs, making it unavailable for any workload starting that date. Ubicloud is the cost-cheapest path at 5,000 min/mo (~$5/mo vs ~$20/mo on GHA), but carries meaningful startup-longevity and uptime-reliability risk that the operator must weigh explicitly. Buildkite is the financially stable alternative at $30/mo for a solo operator once the 2,000-minute hosted-minutes included in the Pro plan are factored in, with a 12-year track record, SOC 2 Type II certification, and 99.95% platform SLA.

DEAL-BREAKER FINDING — SURFACE FIRST

Cirrus CI is shutting down June 1, 2026. Cirrus Labs announced on April 7, 2026 that the team is joining OpenAI. Cirrus CI will stop running jobs on June 1, 2026. Cirrus Runners is no longer accepting new customers. This is a hard disqualification regardless of any other merit. Do not adopt this candidate.

Sources: - https://cirruslabs.org/ — official announcement - https://agent-wars.com/news/2026-04-11-cirrus-labs-to-join-openai-cirrus-ci-shutting-down-june-1-2026

1. Executive Summary (3–5 sentences)

Of the four shortlisted candidates, one (Cirrus CI) is disqualified by shutdown, leaving three viable paths. Ubicloud offers the lowest migration friction (zero YAML changes) and the lowest per-minute cost (87.5% cheaper than GHA-hosted at current rates), but it lacks a published SLA, has no SOC 2 certification, has a termination-at-will clause with no data-export guarantee, and its status history shows 49+ GitHub Actions runner incidents since September 2024. Woodpecker CI eliminates ongoing SaaS costs entirely at the price of a full YAML rewrite (~2–3 weeks) and self-hosting ops burden on a VPS. Buildkite is the credible middle ground: financially stable ($17.9M revenue, profitable, $47.2M total raised), SOC 2 Type II, 99.95% platform SLA, a free tier that technically covers Raxx's solo-operator shape, and a hybrid model that keeps compute on operator-controlled infrastructure once the free hosted minutes are exhausted. The operator must answer one question before a final call: is the priority (a) zero migration effort now with lower cost and higher vendor risk (Ubicloud), or (b) a 1–2 week migration investment post-launch to eliminate runner vendor risk and gain a stable, certified platform (Buildkite)?

2. Current GHA Baseline (for comparison)

Item Value Source
Plan GitHub Team, $4/user/month https://docs.github.com/billing/managing-billing-for-github-actions/about-billing-for-github-actions
Included Linux minutes/month 3,000 (private repos) GitHub Docs (same source)
Overage rate (Linux, 2-core) $0.008/min compute + $0.002/min platform fee = $0.010/min total (effective March 2026) https://resources.github.com/actions/2026-pricing-changes-for-github-actions/
Self-hosted runner platform fee $0.002/min (added March 1, 2026) Same source
Storage included 2 GB GitHub Docs

Note on the March 2026 platform fee: GitHub added a $0.002/min platform fee for all GitHub-hosted runners effective March 1, 2026. This applies on top of the existing compute rate. The net effect is that Linux overage now costs $0.010/min, not $0.008/min. Self-hosted runners now also incur the $0.002/min fee, which previously did not apply. This is a 25% effective price increase on overage minutes and changes the break-even calculus for any alternative runner service.

3. Per-Candidate Pricing

3.1 Ubicloud Managed Runners

Pricing model: Per-minute, billed by the minute. No monthly minimum. $1/month credit included (equivalent to 1,250 minutes of standard-2 runner time).

2026 price adjustment (effective May 1, 2026 for new; June 1, 2026 for existing): Infrastructure cost increases caused Ubicloud to raise standard runner prices 26%. Standard x64 runners are being discontinued for new customers; Premium runners are the going-forward product at unchanged prices.

Runner vCPU RAM Price/min (as of May 2026)
Standard-2 (legacy/existing) 2 8 GB $0.0010
Premium-2 2 8 GB $0.0016
Premium-4 4 16 GB $0.0032
Premium-8 8 32 GB $0.0064
Premium-16 16 64 GB $0.0128
ARM-2 2 6 GB $0.0010

Comparison to GHA: At Premium-2 ($0.0016/min) vs GHA Linux overage ($0.010/min), Ubicloud is 84% cheaper per overage minute. The pricing page claims "87.5% savings" comparing older Standard runner ($0.0008/min) against GHA's pre-2026 rate ($0.008/min). With the 2026 price adjustments applied to both sides, the correct comparison is $0.0016/min (Ubicloud Premium-2) vs $0.010/min (GHA overage) = 84% cheaper.

The $1/month included credit covers 625 minutes on Premium-2.

Free tier: $1/month credit only. No free-minutes tier beyond that. Storage/log retention: Not separately priced; logs reside on operator-controlled GitHub Actions infrastructure (Ubicloud is only the runner, not the log host). Annual vs monthly: No annual commitment; pay-as-you-go. Volume discounts: Not publicly documented.

Sources: - https://www.ubicloud.com/docs/about/pricing - https://www.ubicloud.com/blog/ubicloud-price-adjustment-2026

3.2 Woodpecker CI (self-hosted)

Pricing model: $0 software cost. Apache 2.0 license. Infrastructure cost only.

Infrastructure option Estimated monthly cost Notes
Hetzner CX21 (2 vCPU, 4GB) ~$4–$6/mo Smallest viable single-node
Hetzner CPX31 (4 vCPU, 8GB) ~$9–$12/mo Recommended for concurrent pipelines
AWS t3.small (2 vCPU, 2GB) ~$15/mo On-demand; reserved is ~$9/mo
Existing EC2 or VPS (shared) $0 marginal Only if spare capacity exists

Woodpecker requires: server binary + at least one agent + a database (SQLite for dev, Postgres recommended for production). A single VPS hosting both server and agent is sufficient for Raxx's 34-workflow, 30-runs/day volume based on community reports.

Log retention: Operator-controlled; stored in the Postgres database or SQLite. Artifact storage: Not built-in; must use external storage (S3, etc.) or mount a volume. Annual vs monthly: N/A; VPS billing terms vary by provider.

Sources: - https://woodpecker-ci.org/ - https://github.com/woodpecker-ci/woodpecker - https://ossalt.com/guides/self-host-woodpecker-ci-2026

3.3 Buildkite

Pricing model: Per-active-user per month for the platform. Compute is separate (self-hosted agents are free; hosted agents are pay-as-you-go).

Plan Price Included hosted minutes Self-hosted agents
Free (Personal) $0 500 min/mo (Linux Small only) Unlimited
Pro $30/active user/month 2,000 min/mo (Linux) 10 included, $2.50/agent/mo after
Enterprise Custom (30-user minimum) Custom Custom

Hosted agent pay-as-you-go rates (after included minutes):

Size Price/min
Linux Small $0.013
Linux Medium $0.026
Linux Large $0.052
Mac M4 Medium $0.18

Free tier constraints for Raxx: - 1 active user (fits solo operator) - Max 3 concurrent jobs (hosted + self-hosted combined) — this is a potential bottleneck at 30+ runs/day if parallelism is needed - 500 hosted Linux minutes/month — covers minimal workload only - 90-day build retention (vs 1 year on Pro) - No self-hosted agents are metered on free tier (unlimited)

If Raxx runs all pipelines on a self-hosted agent (own EC2/VPS), the Free plan's 500 min/month hosted limit is irrelevant — you only pay the $0 platform fee and bear your own compute cost. The 3-concurrent-job cap on free would still apply across self-hosted + hosted combined.

Artifact storage: Up to 5 GB per artifact, retained 6 months (free with Pipelines on any plan). Package registry storage: 1 GB included on Free, 20 GB on Pro, $1.25/GB overage. Annual vs monthly: Monthly billing publicly listed; annual may be available via sales.

Sources: - https://buildkite.com/pricing/ - https://buildkite.com/docs/platform/limits

3.4 Cirrus CI — DISQUALIFIED

Status: Shutting down June 1, 2026. See deal-breaker finding above. Pricing information omitted — adoption is not possible.

Source: https://cirruslabs.org/

4. Per-Candidate Licensing Matrix

Candidate SPDX License Copyleft? Commercial use restricted? ToS securities/trading restriction? DPA available? Data residency
Ubicloud Apache-2.0 (OSS core) + proprietary SaaS ToS No No explicit restriction None found On request (contact info@ubicloud.com) Operator-selectable region; Ubicloud reserves unilateral transfer right unless agreed in writing
Woodpecker CI Apache-2.0 No No N/A (self-hosted; no SaaS ToS) N/A (no data leaves operator infrastructure) Fully operator-controlled
Buildkite MIT (agent) + proprietary SaaS (platform) No No None found in AUP or ToS Contact privacy@buildkite.com; GDPR processing commitments in privacy policy AWS US East (primary); Hosted Agents: USA or EU
Cirrus CI DISQUALIFIED

Licensing notes

Ubicloud ToS — key callouts: - Termination: Ubicloud may terminate access "at any time, with or without notice, effective immediately." Upon termination, data "may be immediately forfeited and destroyed." - No explicit data export right in the published ToS. - Cryptocurrency mining explicitly prohibited. - HIPAA data prohibited without separate agreement. - No prohibition on securities-related or trading-related workloads found. - DPA: Available on request (not self-serve); contact info@ubicloud.com. - Governing law: California (Ubicloud Inc.) for non-EEA customers.

Source: https://www.ubicloud.com/docs/about/terms-of-service

Buildkite legal callouts: - Acceptable Use Policy contains no industry-specific prohibitions (no restriction on securities, trading, or financial applications found). - SOC 2 Type II: Confirmed active. Annual independent audits. - Pipeline log transit: Orchestration metadata transits Buildkite SaaS controller. Source code and build artifacts remain on operator-owned agent infrastructure (never sent to Buildkite) when using self-hosted agents. - Sub-processors include: AWS (infrastructure), Datadog (observability/logging), Segment (analytics), PostHog (product analytics), Slack (notifications). - GDPR: Buildkite has appointed a Data Protection Officer. GDPR processing commitments are in the privacy policy. DPA details require contact at privacy@buildkite.com. - SLA: 99.95% platform uptime; 99.5% hosted agents. Service credits for premium customers.

Sources: - https://buildkite.com/about/legal/acceptable-use-policy/ - https://buildkite.com/about/legal/privacy-policy/ - https://buildkite.com/about/security/ - https://buildkite.com/about/legal/subprocessors/ - https://buildkite.com/about/legal/service-level-agreement/

Woodpecker CI — full data sovereignty: - Apache 2.0: permissive, no copyleft, commercial use unrestricted. - All pipeline logs, secrets, and build metadata remain on operator infrastructure. - GitHub OAuth is the only external data flow (same OAuth surface as current GHA). - No vendor ToS applies to build data. - GDPR posture: operator is the data controller for all pipeline data; no third-party processor involvement for build data beyond the operator's own chosen VPS provider.

Source: https://github.com/woodpecker-ci/woodpecker (LICENSE file, Apache-2.0)

5. Vendor Risk Profile

5.1 Ubicloud

Risk dimension Finding Risk level
Funding $16.5M seed round closed January 2024 (Y Combinator W24 + 500 Emerging Europe + angels) Medium-High
Revenue stage Pre-revenue / early growth (estimated valuation ~$4.4M per Crunchbase 2026 — note: this figure appears anomalously low for a post-Series-A stage; treat with skepticism) Unknown
Acquisition risk No acquisition activity found; however, at seed stage, acqui-hire or wind-down is a plausible scenario Medium
SLA No published uptime SLA found in ToS or docs High — no recourse
SOC 2 Not found in any publicly available documentation High for security-sensitive workloads
Outage history StatusGator tracking since September 2024: 49+ GitHub Actions runner incidents; multi-hour warning windows in October–November 2025; capacity constraint for large runners in May 2026 Medium-High
Data export No explicit data export right in ToS; termination-at-will with immediate destruction language High
Contract terms No annual commitment; month-to-month; no minimum Low (easy exit)
Self-hosted fallback Ubicloud core is Apache 2.0 OSS; operator could theoretically self-host, but "managed runner" service is separate from the OSS platform Medium mitigation

Sources: - https://siliconangle.com/2024/03/05/ubicloud-reels-16m-open-source-cloud-platform/ - https://www.crunchbase.com/organization/ubicloud/company_financials - https://statusgator.com/services/ubicloud/github-actions - https://www.ubicloud.com/docs/about/terms-of-service

5.2 Woodpecker CI

Risk dimension Finding Risk level
Project health ~4,500 GitHub stars; weekly release cadence as of 2026; active issue tracker Low
Acquisition risk No corporate entity to acquire; community-maintained Apache 2.0 project Low
Abandonment risk Forked from Drone CI after Harness acquisition (2022); has demonstrated resilience through one prior abandonment event Low-Medium
Vendor concentration Zero; operator owns all infrastructure None
SLA N/A (self-hosted) N/A
SOC 2 N/A (operator is responsible for their own infrastructure security) N/A
Outage history N/A (operator-controlled) Operator-dependent
Data export Full data ownership; no export needed None
Ops burden Server + agent binary + Postgres + VPS maintenance; small but non-zero for a solo operator Medium

Source: https://github.com/woodpecker-ci/woodpecker

5.3 Buildkite

Risk dimension Finding Risk level
Funding $47.2M total raised; last round Series B ($21M, November 2022, OneVentures + AirTree) Low
Revenue ~$17.9M ARR (2024, per Latka); 51% YoY growth Low
Profitability Profitable (confirmed, bootstrapped prior to Series A) Low
Headcount ~134 employees (2024) Low
Acquisition risk Independent; no acquisition signals; CEO transition (Kevin Gounden replaced Keith Pitt, August 2025) Low-Medium (watch leadership change)
SLA 99.95% platform; 99.5% hosted agents; published credits schedule Low
SOC 2 SOC 2 Type II, annual audits Low
Outage history No high-profile incidents found in public record Low
Data export ToS termination terms not extracted in full; recommend reviewing before signing Verify
Contract terms Monthly billing; no minimum publicly stated Low

Sources: - https://buildkite.com/about/press/buildkite-raises-usd-21m-series-b/ - https://getlatka.com/companies/buildkite#funding - https://buildkite.com/about/legal/service-level-agreement/ - https://buildkite.com/about/security/

6. Cost Projection Matrix

Assumptions: - GHA Team plan: 3,000 free minutes/month (included). Overage: $0.010/min (post-March 2026, includes $0.002/min platform fee). - Workload mix for Raxx: primarily Linux 2-vCPU (ubuntu-latest equivalent). The Queue service (C++ CMake) may benefit from 4-vCPU; not separately broken out here. - Ubicloud: Premium-2 runner at $0.0016/min (new-customer rate as of May 2026; standard runners discontinued for new customers). - Ubicloud $1/month credit included = 625 minutes of Premium-2 free. - Woodpecker: VPS cost assumed $9/mo (Hetzner CPX31 equivalent for concurrent builds). - Buildkite Free plan: self-hosted agent (no hosted minutes consumed), $0 platform cost. VPS for the agent: same $9/mo assumption as Woodpecker. - Buildkite Pro plan: $30/month + self-hosted agent VPS ($9/mo) = $39/mo; no overage if all builds run on self-hosted agent.

6.1 Lean: 2,000 min/mo

All 2,000 minutes fall within GHA's 3,000-minute free tier — GHA costs $4/mo (plan fee only).

Candidate Monthly cost Notes
GHA (current) $4.00 2,000 min < 3,000 free; plan fee only
Ubicloud Premium-2 $3.20 2,000 min × $0.0016 = $3.20 - $1.00 credit = $2.20; but plan/base fee not applicable
Woodpecker CI ~$9.00 VPS fixed; software is $0
Buildkite Free + self-hosted ~$9.00 $0 platform + VPS
Buildkite Pro + self-hosted ~$39.00 $30 platform + $9 VPS; overkill at this volume

At lean volume (2,000 min/mo), GHA is actually the cheapest path. Migration adds cost.

6.2 Threshold: 5,000 min/mo

This is the operator's stated trigger value from project_ci_billing. 5,000 - 3,000 free = 2,000 overage minutes.

Candidate Monthly cost Calculation vs GHA
GHA (current) $24.00 $4 plan + (2,000 × $0.010) baseline
Ubicloud Premium-2 $7.00 (5,000 × $0.0016) - $1.00 credit = $7.00 -71%
Woodpecker CI ~$9.00 VPS fixed; no per-minute cost -63%
Buildkite Free + self-hosted ~$9.00 $0 platform + VPS -63%
Buildkite Pro + self-hosted ~$39.00 $30 + $9 VPS +63% (higher, but buys SOC 2 / SLA / support)

Breakeven for Ubicloud vs GHA: The crossover point where Ubicloud Premium-2 becomes cheaper than GHA (factoring in the $4/month plan fee and 3,000 free minutes) is:

GHA cost = $4 + max(0, (N - 3000) × $0.010) Ubicloud cost = (N × $0.0016) - $1.00

Setting equal: $4 + (N - 3000) × $0.010 = N × $0.0016 - 1 $5 + 0.010N - 30 = 0.0016N -25 + 0.010N = 0.0016N (approximately) 0.0084N = 25 N ≈ 2,976 minutes

Ubicloud Premium-2 becomes cheaper than GHA at approximately 2,976 minutes/month — essentially at the point where GHA overage begins. Below that, GHA free tier wins on cost because $1 credit is less than the $4 GHA plan fee offset.

Breakeven for Woodpecker / Buildkite Free + self-hosted ($9 fixed) vs GHA: $4 + (N - 3000) × $0.010 = $9 (N - 3000) × $0.010 = $5 N - 3000 = 500 N ≈ 3,500 minutes

Woodpecker and Buildkite Free become cheaper than GHA at approximately 3,500 minutes/month.

6.3 Stretch: 10,000 min/mo

10,000 - 3,000 free = 7,000 overage minutes.

Candidate Monthly cost vs GHA
GHA (current) $74.00 $4 + (7,000 × $0.010)
Ubicloud Premium-2 $15.00 (10,000 × $0.0016) - $1.00 credit
Woodpecker CI ~$9.00 Fixed VPS
Buildkite Free + self-hosted ~$9.00 Fixed VPS
Buildkite Pro + self-hosted ~$39.00 Fixed

At stretch volume, both Woodpecker and Buildkite Free with self-hosted agent provide the maximum savings (near-fixed-cost model). Ubicloud still saves significantly but scales linearly with minutes consumed.

7. Architect's Three Open Questions — Answered

7.1 Ubicloud per-minute pricing for standard-2 and standard-8 runners vs Raxx's actual monthly consumption — does the 60–80% savings claim hold?

Answer: The savings claim holds directionally but requires one correction. As of May 2026:

The architect's 60–80% savings claim is validated. The upper bound (80%+) applies if most workload is on larger runners. The lower bound (~71%) applies at the 5,000 min/mo threshold using 2-vCPU runners. Caveat: the 26% price increase effective June 1, 2026 for existing customers narrows this gap slightly from the figures Ubicloud's marketing page still shows.

Sources: - https://www.ubicloud.com/docs/about/pricing - https://www.ubicloud.com/blog/ubicloud-price-adjustment-2026 - https://resources.github.com/actions/2026-pricing-changes-for-github-actions/

7.2 Ubicloud vendor risk — SLA, data residency, SOC 2, contract termination terms

Answer:

Item Finding Risk assessment
SLA No published uptime SLA found in ToS or documentation High — no contractual uptime guarantee
Data residency Operator can select geographic region at provisioning; however, Ubicloud ToS reserves the right to transfer data to other regions "at its sole discretion" unless agreed in writing Medium — needs written agreement to lock residency
SOC 2 Not found in any public documentation (website, docs, press releases) High for regulated workloads; unknown for general CI
Termination terms ToS: Ubicloud can terminate "at any time, with or without notice, effective immediately." Data "may be immediately forfeited and destroyed." No data export right published. High — no exit runway guaranteed
Contract Month-to-month, pay-as-you-go; no minimum commitment Low (easy exit on operator's side)
Fallback (OSS) Ubicloud core platform is Apache 2.0 open source; self-hosting the runner infrastructure is theoretically possible but is a separate, non-trivial implementation from the managed service Medium mitigation
DPA Available on request; contact info@ubicloud.com; not self-serve Medium — exists but requires legal engagement

BLR assessment: The absence of a published SLA and SOC 2 certification are the primary structural concerns for a startup using Ubicloud in a CI path that touches live-mode trading execution code. Raxx's CI runs code that gates live-mode features (RBAC gate, WAF rules, shadow GDPR delete). A runner outage that silently fails a required status check without alerting is a real risk. The 49+ GitHub Actions runner incidents since September 2024 (StatusGator data) indicate this is not a theoretical concern.

Specific question for operator: Does Ubicloud's lack of published SLA and SOC 2 certification cross your personal risk threshold for a CI platform that runs security-gating workflows? If yes, Buildkite is the alternative. If no (and you accept the startup risk for cost), Ubicloud is the operationally easiest path.

Sources: - https://www.ubicloud.com/docs/about/terms-of-service - https://statusgator.com/services/ubicloud/github-actions

7.3 Buildkite free tier restrictions and GDPR DPA availability

Answer:

Free tier restrictions (relevant to Raxx's 34-workflow shape):

Limit Free tier value Impact on Raxx
Active users 1 No impact (solo operator)
Concurrent jobs (hosted + self-hosted combined) 3 Potential bottleneck: Raxx runs 30+ jobs/day; if multiple workflows trigger simultaneously (e.g., a push triggers ci.yml + security scan + notify), the 3-job concurrent cap could queue builds. With self-hosted agents, concurrency is controlled by the number of agents started, not Buildkite's cap on self-hosted. Clarification needed: does the free-tier cap of 3 apply only to hosted agent concurrency, or to self-hosted too?
Hosted Linux minutes 500/mo Insufficient for 5,000 min/mo workload; would need self-hosted agent for all builds
Build retention 90 days Acceptable for most CI purposes; Pro gives 1 year
Pipeline count Unlimited No impact
Self-hosted agents Unlimited Covers all 34 workflows on self-hosted

Practical free-tier path for Raxx: Use unlimited self-hosted agents (own VPS/EC2), consume 0 hosted minutes, stay within the 1-user limit. The 3-concurrent-job cap is the only active constraint. If Raxx's workflows ever need >3 simultaneous jobs (e.g., matrix builds across Python 3.9/3.11/3.12), this cap would queue builds rather than fail them. For the described workload (mostly sequential, small jobs), this is workable but tight.

Buildkite Pro ($30/mo) removes the concurrency cap, raises build retention to 1 year, and includes 2,000 hosted Linux minutes — appropriate if any workflows need hosted runners (e.g., if the VPS has capacity constraints during heavy C++ builds).

GDPR / DPA availability:

Raxx-specific note: Raxx's CI pipelines do not intentionally process customer personal data. The GDPR surface here is narrow (developer commit metadata in job names), not customer PII. A DPA from Buildkite is nonetheless good practice given Raxx's securities context and pre-launch compliance posture.

Sources: - https://buildkite.com/pricing/ - https://buildkite.com/docs/platform/limits - https://buildkite.com/about/legal/privacy-policy/ - https://buildkite.com/about/legal/subprocessors/

8.1 Securities-tooling ToS screening

All three viable candidates were screened for prohibitions on securities-related applications, algorithmic trading platforms, or financial services workloads.

Candidate Prohibition found? Source reviewed
Ubicloud None found ToS at https://www.ubicloud.com/docs/about/terms-of-service
Woodpecker CI N/A (self-hosted; no SaaS ToS) Apache 2.0 license
Buildkite None found AUP at https://buildkite.com/about/legal/acceptable-use-policy/

Note on Sentry (not a CI candidate, but in the ecosystem): The previous vendor screening for APM noted that Honeybadger's ToS prohibits securities-execution software. No similar clause was found in any of the CI candidates researched here. If Buildkite is adopted and any pipeline-level observability is routed through Buildkite's own analytics pipeline (Datadog, Segment sub-processors), those vendors' ToS should also be reviewed. Research of those specific vendors is out of scope for this document.

8.2 Data residency flags

Candidate Where build data lives Control level
Ubicloud Runner ephemeral VMs in operator-selected region (Germany, Finland, Virginia, or AWS-powered); logs remain in GHA (operator-controlled) Medium — ToS allows Ubicloud to unilateral transfer; get written agreement
Woodpecker CI Entirely on operator-controlled VPS Full — no third-party cloud involvement for build data
Buildkite Orchestration metadata: AWS US East (Buildkite SaaS). Actual build artifacts + source: operator VPS/EC2 (self-hosted agent). Hosted agents: USA or EU. Mixed — metadata in US cloud; artifacts operator-controlled

8.3 DPA status

Candidate DPA available? How to obtain
Ubicloud Yes, on request info@ubicloud.com
Woodpecker CI N/A N/A (operator is the controller)
Buildkite Yes, on request privacy@buildkite.com

8.4 March 2026 GHA self-hosted runner platform fee

The new $0.002/min platform fee on self-hosted GHA runners (effective March 1, 2026) is a cost consideration if Raxx were to add self-hosted GHA runners to the current setup. This fee does NOT apply to Ubicloud (Ubicloud runners are billed under Ubicloud's own pricing, not GitHub's self-hosted runner fee). It DOES apply if Raxx runs its own EC2 as a GHA self-hosted runner going forward. Woodpecker and Buildkite both bypass this fee entirely as they are not GHA runners.

Source: https://github.blog/changelog/2025-12-16-coming-soon-simpler-pricing-and-a-better-experience-for-github-actions/

9. Hidden Costs and Gotchas

Items that the architect's design-lens evaluation may not surface:

9.1 Ubicloud

9.2 Woodpecker CI

9.3 Buildkite

10. Open Questions for Operator

These are genuine unknowns that require operator input before a decision:

  1. Annual contract vs month-to-month preference (applies to Buildkite Pro if chosen). Buildkite Pro is listed at $30/active-user/month. An annual contract may be available at a discount (not publicly listed). If Raxx is committing to Buildkite long-term, negotiating annual pricing before signing is worth one email to their sales team.

  2. Actual minutes/month usage figure. The 5,000 min/mo threshold is the operator's own stated trigger from project_ci_billing. The actual current burn is not confirmed in any source document. The GitHub Actions billing dashboard (Settings > Billing > Actions) shows exact minutes consumed. Pulling the current month's figure before choosing a candidate would sharpen the cost projection from an estimate to an actual number. At <3,000 min/mo, GHA free tier still wins on cost. At >5,000 min/mo, Ubicloud or a self-hosted solution clearly wins.

  3. Ubicloud SOC 2 / SLA risk threshold. The operator must decide whether Ubicloud's absence of a published SLA and SOC 2 certification is acceptable for a CI system that gates security-relevant workflows (WAF rules, RBAC gate, shadow GDPR delete, live-mode promotions). This is a subjective risk tolerance call, not a research question.

  4. Buildkite free-tier concurrency cap. Does Raxx's current workflow trigger pattern ever need more than 3 simultaneous jobs? Reviewing the GitHub Actions run logs for maximum concurrent job counts on a typical push day would determine whether the free tier's 3-job cap is a real constraint or a theoretical one.

11. Decision-Ready Summary

If the operator wants... Recommendation Monthly cost at 5,000 min/mo Migration effort
Zero YAML changes, lowest cost, accepts startup risk Ubicloud Premium-2 runners ~$7/mo XS (runner label swap only)
Maximum data sovereignty, zero SaaS dependency, accepts ops burden Woodpecker CI (self-hosted) ~$9/mo (VPS only) L (full YAML rewrite, 2–3 weeks)
SOC 2 / SLA / financial stability, free-to-start, hybrid model Buildkite Free + self-hosted agent ~$9/mo (VPS only) M (full YAML rewrite, 1–2 weeks)
SOC 2 / SLA / support + no concurrent-job cap Buildkite Pro + self-hosted ~$39/mo M (1–2 weeks)
Staying on GHA, no migration GHA Team plan (current) ~$24/mo at 5,000 min/mo None
Cirrus CI Do not adopt — shutting down June 1, 2026 N/A N/A

Financial single recommendation: If the operator's current monthly burn is confirmed above 3,500 minutes/month (the breakeven where self-hosted becomes cheaper than GHA), Buildkite Free with a self-hosted agent provides the best combination of cost savings, platform stability, SOC 2 certification, and migration reversibility (the MIT-licensed agent means no lock-in). The cost is equivalent to Woodpecker CI (~$9/mo VPS) with significantly less ops burden and a published SLA. Ubicloud is the cheaper and faster path if startup longevity risk is acceptable. The operator holds that call.

Appendix: Depot.dev (Architect-Flagged Additional Candidate)

The architect's doc (Section 9, Risks) flagged Depot.dev as a comparable runner replacement to Ubicloud not present in the awesome-ci list. Brief findings:

Before filing contracts, signing vendor agreements, or committing to any migration plan, consult a technology contracts attorney licensed in Pennsylvania to review vendor ToS termination clauses (Ubicloud in particular) and a CPA for any accounting treatment of SaaS subscription costs vs infrastructure capital expenses.

Sources