From aff0277363e8b821c24f41d175e83fc32be54183 Mon Sep 17 00:00:00 2001 From: Ly Nguyen Date: Thu, 17 Oct 2024 10:59:51 -0700 Subject: [PATCH] Git commit signing in IDE --- .../cloud/dbt-cloud-ide/git-commit-signing.md | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 website/docs/docs/cloud/dbt-cloud-ide/git-commit-signing.md diff --git a/website/docs/docs/cloud/dbt-cloud-ide/git-commit-signing.md b/website/docs/docs/cloud/dbt-cloud-ide/git-commit-signing.md new file mode 100644 index 00000000000..c21649e36de --- /dev/null +++ b/website/docs/docs/cloud/dbt-cloud-ide/git-commit-signing.md @@ -0,0 +1,32 @@ +--- +title: "Git commit signing" +description: "Learn how to sign your Git commits when using the IDE for development." +--- + +# Git commit signing + +To improve identity protection/impersonation and enhance security, you can sign your Git commits when pushing them to the repository. Using your signature, a Git provider can cryptographically verify it and mark the commit as "verified", giving people increased confidence about the origin of the commit. + +You can configure dbt Cloud to sign your Git commits when using the IDE for development. To set up, enable the feature in dbt Cloud, generate a GPG keypair, and upload the public key to your Git provider to use for signature verification. + + +## Prerequisites + +- GitHub or GitLab is your Git provider. Currently, Azure DevOps is not supported. +- You have a dbt Cloud account on the [Enterprise plan](https://www.getdbt.com/pricing/). + +## Generate GPG keypair + + + + +## Upload to Git provider + +- GitHub instructions: https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account +- GitLab instructions: https://docs.gitlab.com/ee/user/project/repository/signed_commits/gpg.html + + +## Considerations + +- The keypair is not tied to any specific account - it exists at the user level. There is a 1:1 relationship between user and keypair. The same key will be used for signing commits on any accounts the user is a member of +- In order for commit’s to be marked as verified, the user’s dbt cloud email address must be a verified email address within their git provider