Ensure GitLab project commits are signed
Error: GitLab project commits are not signed
Bridgecrew Policy ID: BC_REPO_GITLAB_TF_4
Checkov Check ID: CKV_GLB_4
Severity: LOW
GitLab project commits are not signed
Description
In GitLab, administrators can turn on the capability to require signed commits for a project. When you enable required commit signing on a branch, contributors and bots can only push commits that have been signed and verified to the branch. If a collaborator pushes an unsigned commit to a branch that requires commit signatures, the collaborator will need to rebase the commit to include a verified signature, then force push the rewritten commit to the branch.
Fix - Buildtime
Terraform
- Resource: gitlab_project
- Attribute: prevent_secrets
    resource "gitlab_project" "example-two" {
      ...
      push_rules {
        ...
    +   reject_unsigned_commits = true
      }
    }