-
Notifications
You must be signed in to change notification settings - Fork 599
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
flux bootstrap disables GPG commit verification #1615
Comments
If you patch your resources as described in https://fluxcd.io/docs/installation/#customize-flux-manifests this should not happen. |
Thanks for the point, it works. |
However should I let this issue open until a warning message is issued if |
We've added a warning to the sync manifests in #2050, closing this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
I enabled GPG commit verification by adding
verify
to the defaultGitRepository
ingotk-sync.yaml
:It works as expected.
However running
flux bootstrap
again (should be idempotent) removes theverify
part.flux bootstrap
(e.g., on upgrade)To Reproduce
flux bootstrap
flux-gpg-pubkeys
Secret (if needed)verify
key toGitRepository
object ingotk-sync.yaml
✔️
verify
key is present5. Run
flux bootstrap
again6. Run
verify
key is not present anymore (you may also check commit issued by flux)Expected behavior
GPG commit verification should not be disabled on
flux bootstrap
.At least a strong warning message should be raised.
Ideally a --verify parameter to configure GPG commit verification should be added to flux CLI.
Additional context
Below please provide the output of the following commands:
The text was updated successfully, but these errors were encountered: