This repo is the source for the graffino allowed_signers
file for commit signing across the organization.
- Add your file to the
keys
folder in thefirstname.lastname.key.pub
. - Make sure your public key has a comment with your e-mail address. If the e-mail is incorrect, edit it.
- Create a PR with your commit and wait for it to be approved.
- Keys are updated every 5 minutes and on system boot. After 5 minutes the keys should appear in
~/.config/git/allowed_signers
.
- Run
configure.sh
or run replacing[USER]
and[YOUR_PUBLIC_KEY]
git config --global gpg.format ssh
git config --global commit.gpgsign true
git config --global tag.gpgsign true
git config --global user.signingKey "/Users/[USER]/.ssh/[YOUR_PUBLIC_KEY]"
git config --global gpg.ssh.allowedSignersFile "~/.config/git/allowed_signers"
- Copy your public key to the clipboard:
pbcopy < ~/.ssh/firstname.lastname.pub
(make sure the correct filename is here.) - Go to Github Keys
- Select
New SSH Key
- Select
Key type
asSigning Key
- Paste your public key
- Press
Add SSH Key
.
Note: Do NOT delete any of the GPG keys stored there. These must remain there for all eternity or else the commits signed with them will become untrusted.
- Go to Settings (
CMD + .
) - Select Git Config
- Go to Global signing key and select your SSH key from the list
- Go to Allowed signers file and select
~./config/git/allowed_signers
as input
Note: If you can't get to the allowed signers file press CMD + SHIFT +G
when you are in the select window and enter the destination manually.