https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e
Whatever your problem, try restarting your GPG Agent (it will auto-restart the next time gpg is used):
gpgconf --kill gpg-agent
killall gpg-agent
Also try GIT_TRACE=1 ... to see which internal command is failing and try running the command to get at the underlying error.
My global ~/.gitconfig had a [gpg] section which was configured to the location of the gpp binary. I installed a newer Homebrew version (as part of a new laptop setup) and discovered that Homebrew changed the location of where binaries are installed so I needed to which gpg to find the new location and update my global git config.
I pulled down a project from GitHub but forgot that originally (on my old laptop) I would have updated the project's local .git/config file to include my user details, and the fact I want to sign my commits (see "Project Specific Summary" below). So just make sure that data is added.
I was finding, after a long time of being able to sign commits using the instructions from this gist, that I couldn't sign my commits all of a sudden.
There's a few things you can try.
In one instance I needed an esoteric way to tell Git about my user...
export GPG_TTY=$(tty)Another issue I found was I shouldn't have a branch named the same as the tag version because git won't know what to do (make sure to delete the branch if it's already merged into your primary branch, or rename it otherwise). So now I don't name my branches v1.0.0 but integralist/v1.0.0 as this means when I add the tag v1.0.0 there's no confusion as to what's being referenced.
If your GPG key expires then you can't just update the expiry. You need to delete the public key from your GitHub account and re-add it in the GitHub UI like you did when first creating the public key (docs).
vim .git/config
[user]
name = Foo Bar
email = foobar@example.com
signingkey = 123
[commit]
gpgsign = true
git tag -s v1.1.0 -m "v1.1.0" && git push origin v1.1.0gpg --full-generate-keygit config --global --edit[user]
signingkey = <>
name = <>
email = <>cd ~/path/to/some/repo/you/want/to/sign/commits/for
git config --local --edit[commit]
gpgsign = truegit config --local user.signingkey <>NOTE: feel free to add
gpgsignto global settings if you prefer.
You need to generate the public key to paste into GitHub. First get the identifier...
gpg --list-secret-keys --keyid-format LONG
sec 4096R/<GRAB_THIS> ...
...Now you can export your public key...
gpg --armor --export <identifier> | pbcopyThen go to GitHub > Settings > SSH and GPG keys.
NOTE: If using a different email to what your GitHub account is associated with, then go to https://github.com/settings/emails and add the new email so it can be verified (otherwise github won't verify the email in the gpg key).
See the ~/.gnupg/ files in my dotfiles repo.
chmod 700 ~/.gnupgIf like me you have multiple users (one work, one personal) then you might want to change a personal commit signing with a work identity if you had used your personal one by accident.
To do that you can use:
git commit --amend --reset-authorI recently stumbled across: https://gist.github.com/troyfontaine/18c9146295168ee9ca2b30c00bd1b41e