diff --git a/cmd/kosli/assertPRAzure.go b/cmd/kosli/assertPRAzure.go
index 0695cfcb9..29513ba57 100644
--- a/cmd/kosli/assertPRAzure.go
+++ b/cmd/kosli/assertPRAzure.go
@@ -47,7 +47,7 @@ func newAssertPullRequestAzureCmd(out io.Writer) *cobra.Command {
 
 	ci := WhichCI()
 	addAzureFlags(cmd, azureFlagsValues, ci)
-	cmd.Flags().StringVar(&o.commit, "commit", DefaultValue(ci, "git-commit"), commitPREvidenceFlag)
+	cmd.Flags().StringVar(&o.commit, "commit", DefaultValueForCommit(ci, true), commitPREvidenceFlag)
 	addDryRunFlag(cmd)
 
 	err := RequireFlags(cmd, []string{"azure-token", "azure-org-url", "project", "commit", "repository"})
diff --git a/cmd/kosli/assertPRBitbucket.go b/cmd/kosli/assertPRBitbucket.go
index 43282d895..0cdf09851 100644
--- a/cmd/kosli/assertPRBitbucket.go
+++ b/cmd/kosli/assertPRBitbucket.go
@@ -47,7 +47,7 @@ func newAssertPullRequestBitbucketCmd(out io.Writer) *cobra.Command {
 
 	ci := WhichCI()
 	addBitbucketFlags(cmd, o.bbConfig, ci)
-	cmd.Flags().StringVar(&o.commit, "commit", DefaultValue(ci, "git-commit"), commitPREvidenceFlag)
+	cmd.Flags().StringVar(&o.commit, "commit", DefaultValueForCommit(ci, true), commitPREvidenceFlag)
 	addDryRunFlag(cmd)
 
 	err := RequireFlags(cmd, []string{"bitbucket-username", "bitbucket-password",
diff --git a/cmd/kosli/assertPRGithub.go b/cmd/kosli/assertPRGithub.go
index 9b6e81fcf..83e60c518 100644
--- a/cmd/kosli/assertPRGithub.go
+++ b/cmd/kosli/assertPRGithub.go
@@ -46,7 +46,7 @@ func newAssertPullRequestGithubCmd(out io.Writer) *cobra.Command {
 
 	ci := WhichCI()
 	addGithubFlags(cmd, githubFlagsValues, ci)
-	cmd.Flags().StringVar(&o.commit, "commit", DefaultValue(ci, "git-commit"), commitPREvidenceFlag)
+	cmd.Flags().StringVar(&o.commit, "commit", DefaultValueForCommit(ci, true), commitPREvidenceFlag)
 	addDryRunFlag(cmd)
 
 	err := RequireFlags(cmd, []string{"github-token", "github-org", "commit", "repository"})
diff --git a/cmd/kosli/assertPRGitlab.go b/cmd/kosli/assertPRGitlab.go
index 3c114691c..f906eaf83 100644
--- a/cmd/kosli/assertPRGitlab.go
+++ b/cmd/kosli/assertPRGitlab.go
@@ -44,7 +44,7 @@ func newAssertPullRequestGitlabCmd(out io.Writer) *cobra.Command {
 
 	ci := WhichCI()
 	addGitlabFlags(cmd, o.gitlabConfig, ci)
-	cmd.Flags().StringVar(&o.commit, "commit", DefaultValue(ci, "git-commit"), commitPREvidenceFlag)
+	cmd.Flags().StringVar(&o.commit, "commit", DefaultValueForCommit(ci, true), commitPREvidenceFlag)
 	addDryRunFlag(cmd)
 
 	err := RequireFlags(cmd, []string{
diff --git a/cmd/kosli/attestArtifact.go b/cmd/kosli/attestArtifact.go
index 6be97ef89..52a6ca67e 100644
--- a/cmd/kosli/attestArtifact.go
+++ b/cmd/kosli/attestArtifact.go
@@ -93,7 +93,7 @@ func newAttestArtifactCmd(out io.Writer) *cobra.Command {
 	ci := WhichCI()
 	cmd.Flags().StringVarP(&o.payload.Fingerprint, "fingerprint", "F", "", fingerprintFlag)
 	cmd.Flags().StringVarP(&o.flowName, "flow", "f", "", flowNameFlag)
-	cmd.Flags().StringVarP(&o.gitReference, "commit", "g", DefaultValue(ci, "git-commit"), gitCommitFlag)
+	cmd.Flags().StringVarP(&o.gitReference, "commit", "g", DefaultValueForCommit(ci, true), gitCommitFlag)
 	cmd.Flags().StringVarP(&o.payload.BuildUrl, "build-url", "b", DefaultValue(ci, "build-url"), buildUrlFlag)
 	cmd.Flags().StringVarP(&o.payload.CommitUrl, "commit-url", "u", DefaultValue(ci, "commit-url"), commitUrlFlag)
 	cmd.Flags().StringVar(&o.srcRepoRoot, "repo-root", ".", repoRootFlag)
diff --git a/cmd/kosli/beginTrail.go b/cmd/kosli/beginTrail.go
index af003b44a..1d42846e0 100644
--- a/cmd/kosli/beginTrail.go
+++ b/cmd/kosli/beginTrail.go
@@ -5,6 +5,7 @@ import (
 	"io"
 	"net/http"
 
+	"github.com/kosli-dev/cli/internal/gitview"
 	"github.com/kosli-dev/cli/internal/requests"
 	"github.com/spf13/cobra"
 )
@@ -26,12 +27,15 @@ type beginTrailOptions struct {
 	templateFile string
 	userDataFile string
 	flow         string
+	commitSHA    string
+	srcRepoRoot  string
 }
 
 type TrailPayload struct {
-	Name        string      `json:"name"`
-	Description string      `json:"description"`
-	UserData    interface{} `json:"user_data"`
+	Name        string                   `json:"name"`
+	Description string                   `json:"description"`
+	UserData    interface{}              `json:"user_data"`
+	Commit      *gitview.BasicCommitInfo `json:"git_commit_info,omitempty"`
 }
 
 func newBeginTrailCmd(out io.Writer) *cobra.Command {
@@ -58,10 +62,13 @@ func newBeginTrailCmd(out io.Writer) *cobra.Command {
 		},
 	}
 
+	ci := WhichCI()
 	cmd.Flags().StringVar(&o.flow, "flow", "", flowNameFlag)
 	cmd.Flags().StringVar(&o.payload.Description, "description", "", trailDescriptionFlag)
 	cmd.Flags().StringVarP(&o.templateFile, "template-file", "f", "", templateFileFlag)
 	cmd.Flags().StringVarP(&o.userDataFile, "user-data", "u", "", trailUserDataFlag)
+	cmd.Flags().StringVarP(&o.commitSHA, "commit", "g", DefaultValueForCommit(ci, false), beginTrailCommitFlag)
+	cmd.Flags().StringVar(&o.srcRepoRoot, "repo-root", ".", attestationRepoRootFlag)
 	addDryRunFlag(cmd)
 
 	err := RequireFlags(cmd, []string{"flow"})
@@ -83,6 +90,18 @@ func (o *beginTrailOptions) run(args []string) error {
 		return err
 	}
 
+	if o.commitSHA != "" {
+		gv, err := gitview.New(o.srcRepoRoot)
+		if err != nil {
+			return err
+		}
+		commitInfo, err := gv.GetCommitInfoFromCommitSHA(o.commitSHA)
+		if err != nil {
+			return err
+		}
+		o.payload.Commit = &commitInfo.BasicCommitInfo
+	}
+
 	form, err := newFlowForm(o.payload, o.templateFile, false)
 	if err != nil {
 		return err
diff --git a/cmd/kosli/beginTrail_test.go b/cmd/kosli/beginTrail_test.go
index e2037927f..5a74cce9c 100644
--- a/cmd/kosli/beginTrail_test.go
+++ b/cmd/kosli/beginTrail_test.go
@@ -63,6 +63,11 @@ func (suite *BeginTrailCommandTestSuite) TestBeginTrailCmd() {
 			cmd:    fmt.Sprintf("begin trail test-123 --flow %s --template-file testdata/valid_template.yml --description \"my new flow\" %s", suite.flowName, suite.defaultKosliArguments),
 			golden: "trail 'test-123' was updated\n",
 		},
+		{
+			name:   "can update a trail with commit",
+			cmd:    fmt.Sprintf("begin trail test-123 --flow %s --template-file testdata/valid_template.yml --commit HEAD --repo-root ../.. %s", suite.flowName, suite.defaultKosliArguments),
+			golden: "trail 'test-123' was updated\n",
+		},
 		{
 			wantError: true,
 			name:      "missing --org flag causes an error",
diff --git a/cmd/kosli/cli_utils.go b/cmd/kosli/cli_utils.go
index f5e88bcec..1a5e4000f 100644
--- a/cmd/kosli/cli_utils.go
+++ b/cmd/kosli/cli_utils.go
@@ -141,12 +141,24 @@ func DefaultValue(ci, flag string) string {
 			}
 			return result
 		}
-		// when not in a known CI, default some values
-		if flag == "git-commit" {
+	}
+	return ""
+}
+
+// DefaultValueForCommit returns DefaultValue for 'git-commit' in
+// the given CI. Otherwise, returns HEAD if returnHead is true,
+// empty string otherwise
+func DefaultValueForCommit(ci string, returnHead bool) string {
+	value := DefaultValue(ci, "git-commit")
+	if value != "" {
+		return value
+	} else {
+		if returnHead {
 			return "HEAD"
+		} else {
+			return ""
 		}
 	}
-	return ""
 }
 
 // RequireFlags declares a list of flags as required for a given command
diff --git a/cmd/kosli/flags.go b/cmd/kosli/flags.go
index 5860fa28c..8a2674dac 100644
--- a/cmd/kosli/flags.go
+++ b/cmd/kosli/flags.go
@@ -58,7 +58,7 @@ func addGitlabFlags(cmd *cobra.Command, gitlabConfig *gitlabUtils.GitlabConfig,
 func addArtifactPRFlags(cmd *cobra.Command, o *pullRequestArtifactOptions, ci string) {
 	addArtifactEvidenceFlags(cmd, &o.payload.TypedEvidencePayload, ci)
 	cmd.Flags().StringVarP(&o.userDataFilePath, "user-data", "u", "", evidenceUserDataFlag)
-	cmd.Flags().StringVar(&o.commit, "commit", DefaultValue(ci, "git-commit"), commitPREvidenceFlag)
+	cmd.Flags().StringVar(&o.commit, "commit", DefaultValueForCommit(ci, false), commitPREvidenceFlag)
 	cmd.Flags().StringVarP(&o.flowName, "flow", "f", "", flowNameFlag)
 	cmd.Flags().BoolVar(&o.assert, "assert", false, assertPREvidenceFlag)
 }
@@ -76,7 +76,7 @@ func addCommitPRFlags(cmd *cobra.Command, o *pullRequestCommitOptions, ci string
 
 func addCommitEvidenceFlags(cmd *cobra.Command, payload *TypedEvidencePayload, ci string) {
 	addEvidenceFlags(cmd, payload, ci)
-	cmd.Flags().StringVar(&payload.CommitSHA, "commit", DefaultValue(ci, "git-commit"), commitEvidenceFlag)
+	cmd.Flags().StringVar(&payload.CommitSHA, "commit", DefaultValueForCommit(ci, false), commitEvidenceFlag)
 	cmd.Flags().StringSliceVarP(&payload.Flows, "flows", "f", []string{}, flowNamesFlag)
 }
 
@@ -95,7 +95,7 @@ func addListFlags(cmd *cobra.Command, o *listOptions) {
 
 func addAttestationFlags(cmd *cobra.Command, o *CommonAttestationOptions, payload *CommonAttestationPayload, ci string) {
 	cmd.Flags().StringVarP(&payload.ArtifactFingerprint, "fingerprint", "F", "", attestationFingerprintFlag)
-	cmd.Flags().StringVarP(&o.commitSHA, "commit", "g", DefaultValue(ci, "git-commit"), attestationCommitFlag)
+	cmd.Flags().StringVarP(&o.commitSHA, "commit", "g", DefaultValueForCommit(ci, false), attestationCommitFlag)
 	cmd.Flags().StringVarP(&payload.Url, "url", "b", DefaultValue(ci, "build-url"), attestationUrlFlag)
 	cmd.Flags().StringVarP(&o.attestationNameTemplate, "name", "n", "", attestationNameFlag)
 	cmd.Flags().StringVar(&payload.EvidenceFingerprint, "evidence-fingerprint", "", evidenceFingerprintFlag)
diff --git a/cmd/kosli/reportArtifact.go b/cmd/kosli/reportArtifact.go
index bfe1f828a..3a2b752d4 100644
--- a/cmd/kosli/reportArtifact.go
+++ b/cmd/kosli/reportArtifact.go
@@ -86,7 +86,7 @@ func newReportArtifactCmd(out io.Writer) *cobra.Command {
 	ci := WhichCI()
 	cmd.Flags().StringVarP(&o.payload.Fingerprint, "fingerprint", "F", "", fingerprintFlag)
 	cmd.Flags().StringVarP(&o.flowName, "flow", "f", "", flowNameFlag)
-	cmd.Flags().StringVarP(&o.gitReference, "git-commit", "g", DefaultValue(ci, "git-commit"), gitCommitFlag)
+	cmd.Flags().StringVarP(&o.gitReference, "git-commit", "g", DefaultValueForCommit(ci, false), gitCommitFlag)
 	cmd.Flags().StringVarP(&o.payload.BuildUrl, "build-url", "b", DefaultValue(ci, "build-url"), buildUrlFlag)
 	cmd.Flags().StringVarP(&o.payload.CommitUrl, "commit-url", "u", DefaultValue(ci, "commit-url"), commitUrlFlag)
 	cmd.Flags().StringVar(&o.srcRepoRoot, "repo-root", ".", repoRootFlag)
diff --git a/cmd/kosli/root.go b/cmd/kosli/root.go
index 4e0e12e26..986959736 100644
--- a/cmd/kosli/root.go
+++ b/cmd/kosli/root.go
@@ -168,13 +168,14 @@ The service principal needs to have the following permissions:
 	showUnchangedArtifactsFlag  = "[defaulted] Show the unchanged artifacts present in both snapshots within the diff output."
 	approverFlag                = "[optional] The user approving an approval."
 	attestationFingerprintFlag  = "[optional] The SHA256 fingerprint of the artifact to attach the attestation to."
-	attestationCommitFlag       = "The git commit associated to the attestation. (defaulted in some CIs: https://docs.kosli.com/ci-defaults )."
+	attestationCommitFlag       = "[optional] The git commit associated to the attestation. (defaulted in some CIs: https://docs.kosli.com/ci-defaults )."
 	attestationUrlFlag          = "The url pointing to where the attestation came from or is related. (defaulted to the CI url in some CIs: https://docs.kosli.com/ci-defaults )."
 	attestationNameFlag         = "The name of the attestation as declared in the flow or trail yaml template."
 	attestationCompliantFlag    = "[defaulted] Whether the attestation is compliant or not. A boolean flag https://docs.kosli.com/faq/#boolean-flags"
 	attestationRepoRootFlag     = "[defaulted] The directory where the source git repository is available. Only used if --commit is used."
 	uploadJunitResultsFlag      = "[defaulted] Whether to upload the provided Junit results directory as evidence to Kosli or not."
 	attestationAssertFlag       = "[optional] Exit with non-zero code if the attestation is non-compliant"
+	beginTrailCommitFlag        = "[defaulted] The git commit from which the trail is begun. (defaulted in some CIs: https://docs.kosli.com/ci-defaults, otherwise defaults to HEAD )."
 )
 
 var global *GlobalOpts