GPG GIT Commits.
If anyone is interested in setting up their system to automatically (or manually) sign their git commits with their GPG key, here are the steps:
- Generate and add your key to GitHub
$ git config --global commit.gpgsign true([OPTIONAL] every commit will now be signed)$ git config --global user.signingkey ABCDEF01(whereABCDEF01is the fingerprint of the key to use)$ git config --global alias.logs "log --show-signature"(now available as$ git logs)$ git config --global alias.cis "commit -S"(optional if global signing is false)$ echo "Some content" >> example.txt$ git add example.txt$ git cis -m "This commit is signed by a GPG key."(regularcommitwill work if global signing is enabled)$ git logs
IntelliJ IDEA Integration #
If you perform git commits through IntelliJ and want them to be signed, add the following line to your ~/.gnupg/gpg.conf file:
# This option tells gpg not to expect a TTY interface and allows IntelliJ to sign commits
no-tty
Atlassian SourceTree Integration #
If you perform git commits through SourceTree and want them to be signed, open Preferences > General and ensure that the GPG Program field has the value set to the directory containing the gpg2 executable, for example /usr/local/MacGPG2/bin. Even if your gpg executable is version 2, the gpg2 executable must be present.
Then click the Settings icon at the top right of a repository window, click the Security icon, and check “Enable GPG key signing for commits” and select the desired key. If you have a default-key setting in ~/.gnupg/gpg.conf, this should be correctly populated already.
Resources #
- https://youtrack.jetbrains.com/issue/IDEA-110261#comment=27-1388832
- https://github.com/blog/2144-gpg-signature-verification
- https://help.github.com/articles/signing-commits-using-gpg/
- https://unix.stackexchange.com/questions/48862/how-can-i-create-an-alias-for-a-git-action-command-which-includes-spaces
- https://mikegerwitz.com/papers/git-horror-story
- https://blog.erincall.com/p/signing-your-git-commits-with-gpg