Skip to content

feat(git): add SSH commit signing with OS-based branching#82

Merged
paveg merged 1 commit intomainfrom
feat/git-ssh-signing
Mar 4, 2026
Merged

feat(git): add SSH commit signing with OS-based branching#82
paveg merged 1 commit intomainfrom
feat/git-ssh-signing

Conversation

@paveg
Copy link
Owner

@paveg paveg commented Mar 4, 2026

Summary

  • Add gpg.format = ssh with commit.gpgsign and tag.gpgsign for verified commits
  • macOS: use 1Password's op-ssh-sign with signing key from op://Dotfiles/Git/signing_key
  • Linux: fall back to ~/.ssh/id_github.pub with default ssh-keygen

Test plan

  • chezmoi execute-template < dot_config/git/main.tmpl renders correctly on both OS
  • BUSINESS_USE=1 chezmoi init --source=. --dry-run succeeds
  • CI passes (chezmoi dry-run on Linux and macOS)
  • After apply: git commit --allow-empty -m "test" && git log --show-signature -1 shows verified

@paveg
feat(git): add SSH commit signing with OS-based branching
2011a48 
macOS uses 1Password's op-ssh-sign via signing_key from 1Password,
Linux falls back to ~/.ssh/id_github.pub with default ssh-keygen.
@paveg paveg merged commit 3401ecd into main Mar 4, 2026
10 checks passed
@paveg paveg deleted the feat/git-ssh-signing branch March 4, 2026 03:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@paveg