Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add ability to sign commits with git-xargs #140

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

add ability to sign commits with git-xargs #140

wants to merge 4 commits into from

Conversation

zack-is-cool
Copy link

@zack-is-cool zack-is-cool commented Oct 25, 2023
edited
Loading

Description

Closes #93.

This PR allows users to sign commits with git-xargs using a global signingkey in their git config.
see: https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key for more info on configuring git to use a signing key.

TODOs

Read the Gruntwork contribution guidelines.

  • Update the docs.
  • Run the relevant tests successfully, including pre-commit checks.
  • Ensure any 3rd party code adheres with our license policy or delete this line if its not applicable.
  • Include release notes. If this PR is backward incompatible, include a migration guide.

Release Notes (draft)

Added ability to sign commits with git-xargs. This depends on the user's git config to be configured with a signing key. If not configured, it will default to not signing commits.

Migration Guide

N/A

@toindev toindev mentioned this pull request Jan 9, 2024
Open
@gekitsuu
Copy link

@zack-is-cool I saw this PR was waiting on an approver and since I also need this feature I just fetched your repo/branch zack-is-cool/git-xargs and checked out the feat/add-commit-signing branch. I have commit signing setup correctly and I tried to run git-xargs directly from the branch via go run main.go --branch-name 'git-xargs-test' --commit-message 'Testing my sig' --repo gekitsuu/git-xargs-text-repo /home/gekitsuu/repos/git-xargs/test.sh. The command succeeded and it cut a PR but the commit wasn't signed.

Screenshot from 2024-08-13 15-59-26

@zack-is-cool
Copy link
Author

@gekitsuu try bumping up the logging level for more info. You can look at the debug logging I added. I've been using my fork since I made this PR to be able to sign commits for my org's security settings.

@gekitsuu
Copy link

@zack-is-cool I did that and realized that I hadn't checked out the branch correctly. I am able to run the command now, and it prompted me for my GPG key password. Even though I'm entering the passphrase correctly, I get [git-xargs] DEBU[2024-08-14T14:53:23-04:00] Error encountered while processing repo Error="openpgp: invalid argument: signing key is encrypted" Repo name=git-xargs-test-repo Any ideas what's causing that? I'm on Debian 12 running gpg (GnuPG) 2.2.40 and git 2.39.2 if that helps in any way.

@gekitsuu
Copy link

@zack-is-cool Not sure I tagged you correctly in the last comment

@zack-is-cool
Copy link
Author

Not totally sure tbh,
if you look at this:
https://github.com/gruntwork-io/git-xargs/pull/140/files#diff-daf8735f223c2102f6c67b11ae0f6c605ae36798314376c9b9d976d30ff3d930R311-R364

you can kinda see what's going on - specifically here it's calling gpg program with arguments --export-secret-keys", "--armor" and your signing key id. You could try to call those manually in your terminal to see if you get a similar error. I'm running this on mac gpg (GnuPG) 2.4.5

https://github.com/gruntwork-io/git-xargs/pull/140/files#diff-daf8735f223c2102f6c67b11ae0f6c605ae36798314376c9b9d976d30ff3d930R340

@gekitsuu
Copy link

@zack-is-cool I'm going to guess that you don't have a password on your GPG key. When I removed the passphrase from mine, then your branch signed the commit as expected, but it should handle taking a user through supplying the passphrase if they use one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brikis98 brikis98 Awaiting requested review from brikis98 brikis98 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Can git-xargs make signed git commits?
2 participants
@zack-is-cool @gekitsuu