Ability to audit tag/branch references being accessed
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
I'd like to see what tags/branches are being pulled/cloned from my repositories in order to audit the use of specific tags or branches. This is particularly important to audit the use of Terraform Modules being used which are versioned using specific tags.
For example:
module "foo" {
source = git::git@<gitlab-host>/terraform-modules/terraform-aws-vpc.git?ref=v1.2.3"
…Being able to track which tags are being referenced (pulled) by our IaC will allow for detecting what versions of our TF modules are being used and allow us to work with others to ensure that they are keeping up with newer versions and allow us to see where version drift is occurring.
Currently we have no insight into this, either through the GitLab API or the log files in our GitLab cluster.