Added support for ssh signed commits and completed gpg signed commit work

[dlactin]

Building upon the work done in PR 428 to add support for SSH signed commits.

Updated Documentation to include instructions and examples for adding an SSH signing key along with links to repository provider documentation for setting up commit verification.

Updated deployment to include volumes for SSH key secrets and the respective volume mounts.

[jannfis]

Hey @dlactin, thanks for this PR.

I was wondering what the value-add for this would be, because Argo CD would not be able to validate those commits signed by SSH just yet?

[dlactin]

Hey @jannfis, in our case we require signed commits on our infrastructure repositories. So we are unable to have image updater commit to any of our protected branches without this change.

Adding commit signing capability to image updater will allow verified commits to the target repo, commit validation with ArgoCD would be a bonus when that feature is available.

[jannfis]

Thanks for the clarification, @dlactin. The feature makes sense to me, then. Also, I guess with Source Verification Policies hopefully coming to Argo CD, we could as well integrate verification of SSH signatures and Image Updater would already know how to do sign using SSH then.

+1 from me for this feature. Please give us some time to review.

[jannfis]

I got a couple of comments, PTAL.

[jannfis]

Just as a heads up, this is good to go. Waiting for #737 to be merged, then we'd need to rebase this one on top of the Git client changes. It shouldn't be too much work though.

[jannfis]

@dlactin Thank you for your patience! #737 has been merged, and as expected left a couple of conflicts for this PR. I can support you to resolve them, or let you do it on your own. Please let me know what you prefer.

[dlactin]

@dlactin Thank you for your patience! #737 has been merged, and as expected left a couple of conflicts for this PR. I can support you to resolve them, or let you do it on your own. Please let me know what you prefer.

Hey, not a problem!

I won't have time to finish this up until sometime next week so feel free to resolve them if you'd like! Otherwise I'm happy to pick this back up later.

[jannfis]

Awesome, thank you so much @dlactin, and also thank you @chengfang for the additional review!

LGTM.