# gitops
r
With GitOps, the git repos are now tied much closer to production, introducing new or increased risks. Anyone aware of interesting writeups or other material on securing these repos and maintaining security in the GitOps process? GitLab or in general. I'm particularly interested in contexts around energy/capital goods/gov/defence and other high value systems, but anything helps!
k
The git repos that move closer to production should not have source code. They should only have infra definitions such as Kubernetes manifests or Terraform files or Puppet/Ansible stuff. So I am not really sure if the risk is increasing in any way. Care to elaborate please @Roy Olsen (Xait)?
r
The risk surrounding repositories appears to increase as changes to definitions impact production directly and repos may provide a clear path to production if compromised.