<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=24971) </details> <!--IssueSummary end--> ### Problem to solve The `include` keyword is quite useful to simplify structure of `.gitlab-ci.yml` file. At the moment, however, I can include only files that are completely in my control. If I see something cool in another repo, I cannot include it, because I cannot be sure the file will not be edited. An edit can be also malicious, studied to exfiltrate data. ### Further details At the moment I can only include other's people files (including Gitlab's own examples) copying them in a repo / host controlled by me. I'd like to be able to simply include an external file, without having to worry it will be edited. In a future it could also exist a service with a collection of useful template, a la pastebin ### Proposal Add another keyword, like `sha256`, where you can specify what's the hash of the file you expect. If such keyword is specified, Gitlab checks the hash of the file it downloads before merging it. If the two hashes are different, the `include`d file is not download, and the job emits a warning / completely fails.