Signing Git Commits on Gitlab and Github

Managing your computer keys

This steps worked on Ubuntu Linux

Listing existing keys


gpg --list-secret-keys
gpg --list-secret-keys --keyid-format LONG
              

Generating a key

Use

gpg --gen-key
              

Making Git use the key to sign the commits


git config --global user.signingkey [THE KEY ID]
git commit -S -m 'Your commit message'
              

Make Git automatically sign all the commits


git config --global commit.gpgsign true
              

To disable Signing commits for a specific Repo


git config commit.gpgsign false
              

Adding your key to Gitlab or Github

Show your key public block using this command


gpg --armor --export [THE KEY ID]
              

You need to tell Gitlab and Github about your key, by adding it to the list of your account keys from this page (Github)

It fails to sign the commits on Mac

If you do these steps on the Mac OS, most probably it will fail to sign the commits. You can run the following statements to resolve the issues:

brew install pinentry-mac
echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf
gpgconf --kill gpg-agent
              

References