I once had a great chat with @bkeepers once about Lamba as a option for user security, today this really clicked into place as to how this could work with Peril.

In Danger JS, there is a tool called danger process - https://danger.systems/js/usage/danger-process - by separating the danger setup, vs the danger run then it allows any language to create their own runtime without all the faffing.

By the same process, Peril can do all the setup, and lambda can handle running the dangerfile. This could handle my two biggest problems: Handling running a lot of dangerfiles and the security issues around running a Dangerfile safely.

In this setup:

• GitHub sends events to Peril
• Peril decides what to run
• For everything that needs to run, Peril will download and set up a lambda "job" (I don't know the terminology)
• The lambda job receives a post with the DSL, and an access token (and anything else that is critical)

Questions for me to figure:

• What is a lambda job? 🥇
• Can I provide node modules in some customizable way? ( I probably don't need to for the main Peril though )
• This feels like a pretty scalable approach 👍 - is it?