References
- Associating an email with your GPG key
- Telling Git about your signing key
- How to enable SSH access using a GPG key for authentication
- GPG Keys Management
Change identity for a GPG key
to list the long form of the GPG keys for which you have both a public and private key. A private key is required for signing commits or tags.
|
|
In this example, the GPG key ID is 3AA5C34371567BD2
:
|
|
to add the user ID details.
|
|
Enter O
to confirm your selections.
Enter your key’s passphrase.
To save the changes.
|
|
To print the GPG key in ASCII armor format
|
|
Copy your GPG key, beginning with -----BEGIN PGP PUBLIC KEY BLOCK-----
and ending with -----END PGP PUBLIC KEY BLOCK-----
.
Telling Git about your signing key
Telling Git about your GPG key
If you have previously configured Git to use a different key format when signing with --gpg-sign
, unset this configuration so the default format of openpgp
will be used.
|
|
To set your primary GPG signing key in Git
|
|
Telling Git about your SSH key
Configure Git to use SSH to sign commits and tags:
|
|
Copy the SSH public key to your clipboard.
|
|
To set your SSH signing key in Git
|
|
Bitbucket Pipelines Setup
The private-key.gpg.enc
file is an openssl-encrypted, GPG key file, that contains the key required for signing all files. The unencrypted key file can exported with gpg:
|
|
Before checking it into the bitbucket repository, it was encrypted with openssl:
|
|
The password value for the openssl encryption and decryption is stored in the OPENSSL_PWD
environment variable configured in Bitbucket and used in the bitbucket-pipelines.yml
script.
The settings.xml
is configured to access environment variables for the authentication to OSSRH as well the GPG signing:
OSSRH_USER_TOKEN
andOSSRH-PWD_TOKEN
: The username and password tokens for your OSSRH account as an alternative to your actual username and password. You can retrieve the token values by logging into OSSRH.GPG_KEY
: the name of the GPG key file to use for signing e.g.F784FAB8
GPG_PWD
: the password to access the GPG key