Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Commit with gpg signing #122

Closed
cdenneen opened this issue Mar 5, 2021 · 5 comments · Fixed by #136
Closed

[feature] Commit with gpg signing #122

cdenneen opened this issue Mar 5, 2021 · 5 comments · Fixed by #136
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@cdenneen
Copy link

cdenneen commented Mar 5, 2021

Currently documentation shows how to utilize signing for secrets but that same gpg key can be used for commits as well.
Need to add signingkey to the spec.
@squaremo squaremo added enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed and removed good first issue Good for newcomers labels Mar 5, 2021
@squaremo
Copy link
Member

squaremo commented Mar 5, 2021

(I think this is a little big for a good first issue)

@lwj
Copy link
Contributor

lwj commented Mar 23, 2021

Hey, I'm looking to contribute. Could I work on this feature?

@squaremo
Copy link
Member

Hey, I'm looking to contribute. Could I work on this feature?

That would be most welcome! I do want to put a gentle caveat here: there are a few unknowns with respect to the git libraries used (go-git and libgit2) versus signing. A bit of research up-front is worthwhile.

@lwj
Copy link
Contributor

lwj commented Mar 24, 2021
edited
Loading

Thanks! From skimming through the code, it looks like that regardless of the git library used for pushing, go-git is always used to perform the commit itself. Perhaps a separate issue should be raised if committing under libgit2 is a requirement?

@hiddeco
Copy link
Member

hiddeco commented Mar 24, 2021

go-git has support for signing commits and can be used as an initial implementation: https://github.com/go-git/go-git/blob/1b1a61ad07f40197d3b9164821a096abd1710628/options.go#L431-L434

@lwj lwj mentioned this issue Mar 24, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enable GPG Signing of Commits lwj/image-automation-controller
4 participants
@squaremo @cdenneen @hiddeco @lwj