Install tools:
brew install gnupg pinentry-mac
Configure the tty for gpg in your shell profile:
export GPG_TTY=$(tty)
Generate a key and choose 4096 as Key length (minimum):
gpg --full-generate-key
List your key(s):
gpg --list-secret-keys --keyid-format LONG
sec rsa4096/XXX
Create a revokation cert and export keys. Save ~/.gnupg in a save place.
gpg --output ~/.gnupg/revoke.asc --gen-revoke
gpg --export > ~/.gnupg/public_keys.pgp
gpg --export-secret-keys > ~/.gnupg/secret_keys.pgp
Copy public key to clipboard, then add it to GitHub settings -> keys
gpg --armor --export XXX | pbcopy
Configure git:
git config --global user.signingkey XXX
git config --global commit.gpgsign true
Add '/usr/local/bin/pinentry-mac' in ~/.gnupg/gpg-agent.conf.
Test it:
date > doc
gpg --output doc.sig --sign doc
That should start Pinentry UI which starts gpg-agent and asks for your password. Optionally saves your Key password in macOS keychain.