Enable Hooks during the "deployment flow"

[mirisbowring]

I have a very specific usecase but maybe this can be implemented in a more generous way.

I have my "IaC" on GitHub (in a private repo). I am signing all my stuff with pgp. I don't trust GitHub.
Therefor i would like to be able to verify the integrity (via signature verification). There are multiple ways, depending on the attack vector like just git verifiy-signature or https://github.com/YubicoLabs/gitbark or anything else.

So my Proposal is to have an option to configure a "post pull hook" or something that can execute a script / code to do something and maybe fail and therefor prevent the deployments.

[kimdre]

The doco-cd container does not provide a shell or any binaries/commands that are not strictly necessary to run the application. Custom shell scripts are therefore out of question. What I can implement however is a verification of the commit that will be deployed, similiar to the git verifiy-signature command, with your GPG public key.

[mirisbowring]

Mhm I am not sure if this would be the best idea - since signature verification can be done very differently.
By default, git only verifies the latest commit.
This exposes many threats.

I would e.g. require to verify ALL commits -> this would require joiner/mover/leaver processes (of their public keys). Because you don't want to accept new commits of an older key but the old commits should still be validated, etc.

As you can see, depending on the threat model / need of the user, this can get very complex and i don't think it would be the best idea to do this in the app itself (else you would have to handle too many use cases or the users would not be satisfied) 😄

Would it e.g. be possible to have a sidecar container (communication via rest) or maybe a golang plugin system or something like this?

I don't want you to introduce to much complexity - just thinking about how i could solve my topic in an elegant way 😊

[mirisbowring]

Hi @kimdre did you have time to think about such use cases and how to implement it without introducing to much dependency on the core project?
It would also be possible to call stuff via REST on a sidecar container or something... :)

[kimdre]

I'm currently refactoring my code and moving the deployment logic to a stage system. This would also make it possible to implement a plugin feature that allows users to run custom code on a specifc stage during the deployment process (like pre-deploy or post-deploy).

[mirisbowring]

Ah nice for the info! :D
Sounds great! Would be happy to implement something then :)

[kimdre]

Update:
I added a wiki page about how to use Pre- and Post-Deployment Scripts with doco-cd.

Hi, I documented some possible solutions for pre-/post-deployment scripts here:
#919 (comment)