Sign your commits with Tower app
This article has been published a while ago.
If this is a technical article some information might be out of date. If something is terribly broken, let me know and I will update the article accordingly.
Today GitHub's weekly newsletter brought me this handy Guide about GPG signing, git and GitHub. I tried setting everything up after GitHub released the feature back in April 2016, but I couldn't get it to work with Tower because the app doesn't officially support it.
@dmilith Currently, support for PGP signing is not planned. Although I wouldn't say "never"...
— Tower (@gittower) January 29, 2014
After some research and tinkering, I found a working solution for me. Here's how I've done it:
1. Follow @pstadler's Guide #
Just follow Patrick's guide step by step. I would also recommend to do the extra work and complete the optional steps for a password-less process.
2. Create a GPG wrapper command #
Create a new executable file here /usr/local/bin/gpg_wrap. It will contain the following code:
#!/bin/sh
/usr/local/bin/gpg --batch $*
Thanks to @dmilith on Twitter for the idea!
3. Update your .gitconfig #
Add the following line to your .gitconfig:
[gpg]
program = /usr/local/bin/gpg_wrap
That's it! Now you should be able to sign your Git commits with your selected GPG key without leaving Tower!
