ManthanHD

Findings, thoughts and observations from the eye of a Software Engineer.

  • Findings
  • Agile
  • Thoughts
  • Educational
  • Skills
  • Random

git

How to retroactively sign all commits in a branch

18th June 2021 / Leave a Comment

If you haven’t set up GPG signing, check out my previous post on this here.

Say you created a new branch from main called my-branch. This guide will help you to sign all of the commits that are in my-branch that are not in main.

For starters, do a git fetch origin so that we are up to date with remotes. Be on my-branch. Ensure that you are rebased correctly from the main branch. This is not so important but will keep things clean and make it easy to merge later.

git rebase origin/main

Resolve conflicts, if any. Ensure clean state. Now to retroactively sign commits on my-branch, run:

git rebase --exec 'git commit --amend --no-edit -n -S' -i origin/main

Being on my-branch basically what you are saying here is that:

  1. Start an interactive rebase from the last known commit that is on origin/main, rolling back temporarily.
  2. For every commit, execute (--exec) git commit command, amending each commit without modifying its contents and signing every commit

Hope this helps.

Did you find this post useful? Spread the word!

  • Facebook
  • Twitter
  • LinkedIn
  • Reddit
  • WhatsApp
  • More
  • Email
  • Skype

Like this:

Like Loading...
Posted in: Findings Tagged: git, linux, macos

Enabling git-GPG signed commits on MacOS

14th June 2021 / 1 Comment

Install gpg via Homebrew.

brew install gnupg

Here you can generate keys yourself or import an existing key.

gpg --generate-key
// OR
gpg --import path/to/secret.asc

Now we tell git what key we want to use. Run this command to list your keys:

gpg --list-secret-keys --keyid-format=long

You should see some output like below, copy the highlighted section:

sec   rsa2048/9A9A9A9A9A9A9A9A 2015-05-01 [SC]

Then set it as user.signingkey in git config

git config --global user.signingkey 9A9A9A9A9A9A9A9A

Tell git to sign commits and which program to use

git config --global commit.gpgsign true 
git config --global gpg.program gpg

In your bash profile set the following to allow for passphrase entry:

export GPG_TTY=$(tty)

Alternatively you can use the pinentry tool from homebrew.

Thats it! From now on, any new commits will be automatically signed. The program might ask you for your passphrase through your mechanism of choice (terminal/pop up etc).

Did you find this post useful? Spread the word!

  • Facebook
  • Twitter
  • LinkedIn
  • Reddit
  • WhatsApp
  • More
  • Email
  • Skype

Like this:

Like Loading...
Posted in: Findings Tagged: git, macos

Subscribe to Blog via Email

Join 283 other subscribers.
  • RSS – Posts
  • RSS – Comments

Archives

  • June 2021
  • October 2020
  • September 2020
  • August 2020
  • May 2020
  • August 2018
  • June 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • September 2017
  • August 2017
  • July 2017
  • May 2017
  • April 2017
  • March 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • September 2014
  • December 2013
  • October 2013
  • September 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • January 2013
  • December 2012
  • August 2012
  • April 2012
  • February 2012
  • January 2012

Copyright © 2023 ManthanHD.

Me WordPress Theme by themehall.com

%d bloggers like this: