stable
Clone or download
request #25694: Allow to sign merge commits with SSH
This contribution introduces an "allowed signers" file that list the accepted pub keys of Tuleap integrators for SSH signatures. This is the counterpart of the existing repository [0] dealing with PGP/GPG keys. To verify the signatures, setup Git to the allowed signers file with `git config gpg.ssh.allowedSignersFile tools/utils/signing-keys/allowed-integrators`. This commit is signed so you can use it as an example with `git log --show-signature`. To sign a commit with SSH tell Git to use it with the `gpg.format` setting and select the appropriate key with the `user.signingKey` setting [1]. [0] https://tuleap.net/plugins/git/tuleap/tools/git-signature-verifier [1] https://git-scm.com/docs/git-config#Documentation/git-config.txt-usersigningKey Change-Id: I90dda7a6006011418a61af8a959691574d8a61b5
Modified Files
Name | ||||
---|---|---|---|---|
A | tools/utils/signing-keys/allowed-integrators | +3 | −0 | Go to diff View file |