open-gitops / project

Repository for top-level information about the OpenGitOps project
https://opengitops.dev/

Repository Protection #62

Closed torstenwalter closed 2 years ago

torstenwalter commented 3 years ago

GitOps brings many benefits including auditability. It's easy to walk back in time and know what was the desired state back then. One can look up who approved and merged changes. Commits can be signed etc.

One thing which needs to be taken care of is the correct configuration of git repositories. The best audit log is not worth the name if someone is able to overwrite all your changes by doing a force push or if the repository can be deleted by accident.

I think it's worth documenting best practices to configure git repositories. It could explain concepts and contain details for various git providers such as GitHub, GitLab, Gogs, ...
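
An added example, not part of the original comment or of the OpenGitOps project: a small audit of one provider's settings for the risks named above (force push, deletion, missing approval or signature). It assumes the JSON shape returned by GitHub's branch-protection REST endpoint; the sample values and the choice of which settings count as findings are assumptions made here.

```python
import json

# Constructed sample shaped like the response of GitHub's REST endpoint
# GET /repos/{owner}/{repo}/branches/{branch}/protection (values are made up).
SAMPLE_PROTECTION = json.loads("""
{
  "required_pull_request_reviews": {"required_approving_review_count": 1},
  "required_signatures": {"enabled": false},
  "enforce_admins": {"enabled": false},
  "allow_force_pushes": {"enabled": true},
  "allow_deletions": {"enabled": false}
}
""")


def _enabled(protection, key):
    """Return the 'enabled' flag of a sub-object, or None if the key is absent."""
    value = protection.get(key)
    return value.get("enabled") if isinstance(value, dict) else None


def audit_branch_protection(protection):
    """Return a list of findings that weaken the Git history as an audit log."""
    if not protection:
        return ["no branch protection configured"]
    findings = []
    # History rewrite and branch deletion must be explicitly disabled.
    for key, label in (("allow_force_pushes", "force pushes"),
                       ("allow_deletions", "branch deletion")):
        if _enabled(protection, key) is not False:
            findings.append(f"{label} not disabled")
    # Rules that administrators can bypass do not bind the most powerful accounts.
    if _enabled(protection, "enforce_admins") is not True:
        findings.append("rules not enforced for administrators")
    # Knowing who approved a change needs at least one required review.
    reviews = protection.get("required_pull_request_reviews") or {}
    if reviews.get("required_approving_review_count", 0) < 1:
        findings.append("no approving review required")
    # Required signatures tie each commit to a verified key.
    if _enabled(protection, "required_signatures") is not True:
        findings.append("signed commits not required")
    return findings


if __name__ == "__main__":
    for finding in audit_branch_protection(SAMPLE_PROTECTION):
        print("FINDING:", finding)
```

A missing key is reported as a finding, so a partial or empty response is never read as a protected branch.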

todaywasawesome commented 3 years ago

Great idea, we might want to start a proposal process for ideas like this and best practices. Immutable storage is key and if there's no protection in place then maybe Git won't qualify.

torstenwalter commented 3 years ago

What's a good place to start documenting this?

scottrigby commented 2 years ago

Hey @torstenwalter 👋 moving this to open-gitops/project so we can revisit and see what's needed in the repos on this GitHub org.