https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e
Whatever your problem, try restarting your GPG Agent (it will auto-restart the next time gpg is used):
gpgconf --kill gpg-agent
killall gpg-agent
Also try GIT_TRACE=1 ...
to see which internal command is failing and try running the command to get at the underlying error.
My global ~/.gitconfig
had a [gpg]
section which was configured to the location of the gpp
binary. I installed a newer Homebrew version (as part of a new laptop setup) and discovered that Homebrew changed the location of where binaries are installed so I needed to which gpg
to find the new location and update my global git config.
I pulled down a project from GitHub but forgot that originally (on my old laptop) I would have updated the project's local .git/config
file to include my user details, and the fact I want to sign my commits (see "Project Specific Summary" below). So just make sure that data is added.
I was finding, after a long time of being able to sign commits using the instructions from this gist, that I couldn't sign my commits all of a sudden.
There's a few things you can try.
In one instance I needed an esoteric way to tell Git about my user...
export GPG_TTY=$(tty)
Another issue I found was I shouldn't have a branch named the same as the tag version because git won't know what to do (make sure to delete the branch if it's already merged into your primary branch, or rename it otherwise). So now I don't name my branches v1.0.0
but integralist/v1.0.0
as this means when I add the tag v1.0.0
there's no confusion as to what's being referenced.
If your GPG key expires then you can't just update the expiry. You need to delete the public key from your GitHub account and re-add it in the GitHub UI like you did when first creating the public key (docs).
vim .git/config
[user]
name = Foo Bar
email = foobar@example.com
signingkey = 123
[commit]
gpgsign = true
git tag -s v1.1.0 -m "v1.1.0" && git push origin v1.1.0
gpg --full-generate-key
git config --global --edit
[user]
signingkey = <>
name = <>
email = <>
cd ~/path/to/some/repo/you/want/to/sign/commits/for
git config --local --edit
[commit]
gpgsign = true
git config --local user.signingkey <>
NOTE: feel free to add
gpgsign
to global settings if you prefer.
You need to generate the public key to paste into GitHub. First get the identifier...
gpg --list-secret-keys --keyid-format LONG
sec 4096R/<GRAB_THIS> ...
...
Now you can export your public key...
gpg --armor --export <identifier> | pbcopy
Then go to GitHub > Settings > SSH and GPG keys.
NOTE: If using a different email to what your GitHub account is associated with, then go to https://github.com/settings/emails and add the new email so it can be verified (otherwise github won't verify the email in the gpg key).
See the ~/.gnupg/ files in my dotfiles repo.
chmod 700 ~/.gnupg
If like me you have multiple users (one work, one personal) then you might want to change a personal commit signing with a work identity if you had used your personal one by accident.
To do that you can use:
git commit --amend --reset-author
I recently stumbled across: https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e