Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

request #25694: Allow to sign merge commits with SSH

Download Browse

This contribution introduces an "allowed signers" file that list the accepted pub keys of Tuleap integrators for SSH signatures. This is the counterpart of the existing repository [0] dealing with PGP/GPG keys. To verify the signatures, setup Git to the allowed signers file with `git config gpg.ssh.allowedSignersFile tools/utils/signing-keys/allowed-integrators`. This commit is signed so you can use it as an example with `git log --show-signature`. To sign a commit with SSH tell Git to use it with the `gpg.format` setting and select the appropriate key with the `user.signingKey` setting [1]. [0] https://tuleap.net/plugins/git/tuleap/tools/git-signature-verifier [1] https://git-scm.com/docs/git-config#Documentation/git-config.txt-usersigningKey Change-Id: I90dda7a6006011418a61af8a959691574d8a61b5

+3 −0
Thomas Gerbet (tgerbet) 2022-03-07 16:40
Thomas Gerbet (tgerbet) 2022-03-07 16:47
65d4e8ec9ea9c0890c0b5852f114de946f85290e
aed9ce22872c7a50ffdcbb5ca417561f40e12678
git #tuleap/stable/65d4e8ec9ea9c0890c0b5852f114de946f85290e

Modified Files

Side by side diff
Inline diff
Name
A tools/utils/signing-keys/allowed-integrators +3 −0 Go to diff View file