Closed torstenwalter closed 2 years ago
Great idea, we might want to start a proposal process for ideas like this and best practices. Immutable storage is key and if there's no protection in place then maybe Git won't qualify.
What's a good place to start documenting this?
Hey @torstenwalter 👋 moving this to open-gitops/project so we can revisit and see what's needed in the repos on this GitHub org.
GitOps brings many benefits including auditability. It's easy to walk back in time and know what was the desired state back then. One can look up who approved and merged changes. Commits can be signed etc.
One thing which needs to be taken care of is the correct configuration of git repositories. The best audit log is not worth the name if someone is able to overwrite all your changes by doing a force push or if the repository can be deleted by accident.
I think it's worth documenting best practices to configure git repositories. It could explain concepts and contain details for various git providers such as GitHub, GitLab, Gogs, ...
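
As an added illustration of the force-push and deletion concern raised in this issue (not part of the original thread or of any OpenGitOps repository): for a self-hosted bare repository, git's own `receive.denyNonFastForwards` and `receive.denyDeletes` settings reject history rewrites and branch deletion on the server side. The branch name `production`, the helper function names and the throwaway repositories are assumptions made for the demo.

```bash
#!/usr/bin/env bash
# Constructed demo: throwaway bare repos stand in for a GitOps state repository.

# Create a bare repo; with $2 = "protected", enable git's receive-side guards.
make_remote() {
    git init -q --bare "$1"
    if [ "$2" = "protected" ]; then
        git -C "$1" config receive.denyNonFastForwards true  # refuse rewrites, even with --force
        git -C "$1" config receive.denyDeletes true          # refuse ref deletion
    fi
}

# Empty commit with a fixed identity so the demo ignores the user's git config.
commit() {
    git -C "$1" -c user.name=demo -c user.email=demo@example.invalid \
        -c commit.gpgsign=false commit -q --allow-empty -m "$2"
}

# Push two commits, then attempt a force-pushed rewrite and a branch deletion.
# Prints "rewrite=<blocked|allowed> delete=<blocked|allowed>".
try_rewrite_and_delete() {
    local remote="$1" work before after
    work="$(mktemp -d)"
    git init -q "$work"
    commit "$work" "desired state v1"
    commit "$work" "desired state v2"
    git -C "$work" push -q "$remote" HEAD:refs/heads/production 2>/dev/null || true
    before="$(git -C "$remote" rev-parse refs/heads/production)"

    # Attempt 1: replace v2 with a different commit and force-push it.
    git -C "$work" reset -q --hard HEAD~1
    commit "$work" "rewritten v2"
    git -C "$work" push -q --force "$remote" HEAD:refs/heads/production 2>/dev/null || true
    after="$(git -C "$remote" rev-parse refs/heads/production)"
    [ "$before" = "$after" ] && printf 'rewrite=blocked ' || printf 'rewrite=allowed '

    # Attempt 2: delete the branch on the remote.
    git -C "$work" push -q "$remote" :refs/heads/production 2>/dev/null || true
    git -C "$remote" rev-parse -q --verify refs/heads/production >/dev/null \
        && echo 'delete=blocked' || echo 'delete=allowed'
    rm -rf "$work"
}

# Compare a default bare repo with a protected one.
for mode in unprotected protected; do
    r="$(mktemp -d)/state.git"
    make_remote "$r" "$mode"
    echo "$mode: $(try_rewrite_and_delete "$r")"
done
```

These settings only cover pushes; anyone with filesystem or admin access to the server can still remove the repository, so deletion of the repository itself has to be restricted through the hosting platform's permissions.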