-
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add --gpg-sign to git commit
calls
#29
Conversation
This is awkward to test reliably as git looks at the global config (~/.gitconfig) of the user running the tests, and will pick up the commit.gpgSign setting from there. Hopefully this will work in CI, but we'll see.
Would aliasing the gpg command to use a different home directory while testing work? E.g:
From: |
Great idea! I'll take a look. |
Sweet, I also discovered https://stackoverflow.com/questions/55576302/how-do-i-pass-homedir-to-git-when-signing-using-gpg which helps to convince git to use the right gpg home directory. Easier that writing shell script wrappers. |
I used a step in the actual `release.sh` test script to verify the tag was signed. Seems simpler than any alternative I can think of.
Do you think we should have a pre-flight check for GPG keys? I'm not sure how clear the feedback will be if you don't have them set up. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Would be nice. We don't have it documented that you should set it up so it's either writing a check or documentation. |
This is awkward to test as it integrates with gpg tooling and key database.
🤔 What's changed?
--gpg-sign
to allgit commit
commands (except in tests)git log
output used in approval tests.user@example.com
), which is installed when the tests run.⚡️ What's your motivation?
We want all commits to be signed.
🏷️ What kind of change is this?
♻️ Anything particular you want feedback on?
user@example.com
key in your gpg key list. I can't work how to delete this non-interactively (mypintentry
fires up even if I usegpg --delete-secret-keys
in--batch
mode. Is this OK?📋 Checklist:
This text was originally generated from a template, then edited by hand. You can modify the template here.