[DaSpood]

100% trust looks like an impossible goal, there will always be someone who refuses to trust your product even if they were able to directly observe the entire process from idea to creation to deployment and operation, because those people exist in other fields with similarly indisputable 'proofs', so there's no reason to believe they would not exist in this field.

As for your question, if the entire source code of your application, including the CI, is open-source and anyone can read it, anyone can see whether the system really is closed with no option for backdoor or exploit, or if there's actually a way to corrupt it.

Remember 0-risk does not exist, therefore 100% reliability does not exist either and 100% trust should not exist. As soon as the program is even slightly complex all it takes is one tiny well-hidden unintentional bug to introduce a vulnerability that makes your service exploitable.