Skip to content

PGP/GPG Integration - reject un-signed commits with hooks

This issue was split from the original issue.

Create GitLab EE git hooks to be able to reject un-signed commits (see git push-Manpage).

Relating issues:

  1. PGP/GPG Integration - display/highlight signed commits and tags
  2. PGP/GPG integration - Signature

Proposal

Mimicking the proposal from https://gitlab.com/gitlab-org/gitlab-ee/issues/2445

Design

Add an option to Push Rules both in the Admin Panel and with Project settings:

Admin Project
Screen_Shot_2017-09-06_at_12.39.18_PM Screen_Shot_2017-09-06_at_12.35.28_PM

If the setting is applied within the admin panel, a non-admin will see the following on a project:

[input checked, disabled] **Reject unsigned commits**
Only signed commits can be pushed to this repository. This setting is applied on the server level. Contact an admin to change this setting.

If the setting is applied within the admin panel, an admin will see the following on a project:

[input checked, enabled] **Reject unsigned commits**
Only signed commits can be pushed to this repository. This setting is applied on the server level and can be overridden by an admin.

If the setting is applied within the admin panel, and an admin has overrode the setting on a project, the admin will see:

[input not-checked, enabled] **Reject unsigned commits**
Only signed commits can be pushed to this repository. This setting is applied on the server level but has been overridden for this project.

If the setting is applied within the admin panel, and a non-admin has overrode the setting on a project, the admin will see:

[input not-checked, disabled] **Reject unsigned commits**
Only signed commits can be pushed to this repository. This setting is applied on the server level but has been overridden for this project. Contact an admin to change this setting.
Edited by Taurie Davis