Description
Is your feature request related to a problem?
There is currently no trivial way to have Fleet verify commit signatures. This would protect against a compromised git server. My team already verifies all commits locally and automatically, and we would love it if Fleet did the same.
Solution you'd like
My dream solution would be to have a configuration option to enable verification, plus a list of public keys (GPG or SSH) to accept:

```yaml
verifyCommits: true
gitCommitsTrustedPublicKeys:
  - sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBInN1j8laTYxXR6BCO2lO1xrWTj7c6wiWQqN//2JGNqM6JiSSGpkotQs6jCXloAEnwhQo3GbGI94KBtCoVgJReAAAAAEc3NoOg==
  - gpg:96EC02367D5A393663E7E140E133DC84ACC1429D
```

...and just hard-fail the deployment if the commit is invalid or the key is not trusted.
Alternatives you've considered
Currently we use two repositories: one hosted in the same k3s as the fleet-controller and one remotely. A deployment constantly checks the remote repo for updates and, if there are any, pulls, verifies and pushes to the local repo, from which Fleet is reading.
That works, but it feels like a silly anti-pattern and people are always confused by it. Also, somebody has to set that up by hand, because obviously it can't be part of the Fleet-managed deployments.
Anything else?
No response
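One way to implement the hard-fail rule from the "Solution you'd like" section, as an added example that is not Fleet's code: normalise the proposed trust list to key fingerprints and accept a commit only when `git verify-commit --raw` reports a good signature from a listed key. The status-line formats are GnuPG's (`GOODSIG`/`VALIDSIG`) and ssh-keygen's `Good "git" signature` line; the function names and the trust-list handling are this example's assumptions, and the SSH key and GPG fingerprint are the ones from the issue.

```python
import base64
import hashlib
import re
import subprocess

# Trust list in the shape the issue proposes: raw SSH public keys and gpg:<fingerprint>.
TRUSTED_KEYS = [
    "sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBInN1j8laTYxXR6BCO2lO1xrWTj7c6wiWQqN//2JGNqM6JiSSGpkotQs6jCXloAEnwhQo3GbGI94KBtCoVgJReAAAAAEc3NoOg==",
    "gpg:96EC02367D5A393663E7E140E133DC84ACC1429D",
]
# ssh-keygen -Y verify success line: Good "git" signature for <id> with <type> key <fp>
_SSH_GOOD = re.compile(r'^Good "git" signature for \S+ with \S+ key (SHA256:\S+)$')

def ssh_fingerprint(blob_b64):
    """OpenSSH fingerprint of a key blob: SHA256 digest, base64 without '=' padding."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def trusted_ids(entries):
    """Normalise the mixed list to the identifiers the verifiers report."""
    ids = set()
    for entry in entries:
        if entry.startswith("gpg:"):
            ids.add(entry[4:].upper())                  # 40-hex OpenPGP fingerprint
        else:
            ids.add(ssh_fingerprint(entry.split()[1]))  # "<type> <blob> [comment]"
    return ids

def signer_ids(raw_output):
    """Key identifiers behind a *good* signature in `git verify-commit --raw` output."""
    lines = raw_output.splitlines()
    gpg_good = any(ln.startswith("[GNUPG:] GOODSIG ") for ln in lines)
    ids = set()
    for line in lines:
        if gpg_good and line.startswith("[GNUPG:] VALIDSIG "):  # subkey fpr first, primary last
            ids.update(re.findall(r"\b[0-9A-F]{40}\b", line))
        m = _SSH_GOOD.match(line)
        if m:
            ids.add(m.group(1))
    return ids  # empty for BADSIG, unsigned commits or ssh-keygen failures

def commit_is_trusted(raw_output, entries=TRUSTED_KEYS):
    """Hard-fail rule: a valid signature is not enough, the signing key must be listed."""
    return bool(signer_ids(raw_output) & trusted_ids(entries))

def verify_commit(rev, repo="."):
    """Run git's verifier (SSH needs gpg.ssh.allowedSignersFile) and judge its stderr."""
    proc = subprocess.run(["git", "-C", repo, "verify-commit", "--raw", rev],
                          capture_output=True, text=True)
    return proc.returncode == 0 and commit_is_trusted(proc.stderr)
```

A `VALIDSIG` line without a matching `GOODSIG` (for example an expired or revoked key) and a good SSH signature from an unlisted key are both rejected, which is the hard-fail behaviour the issue asks for.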