Started using Eclipse (2018-12) and noticed that none of my commits have a verified signature when pushing to GitHub.
Is there a way to have Eclipse sign my commits to GitHub with my public GPG key?
$ gpg version
gpg (GnuPG) 2.2.13
$ git --version
git version 2.20.1
UPDATE 3/22/2019 -
Got the 2019-03 (4.11.0). Still no luck with getting Eclipse to sign a verified commit. I see the Sign Commit icon (lock) in the Git Staging tab, and I get the following dialog on commit.
Unable to find a GPG key for signing. Configure GPG key with committer email address, set user.signingKey or disable commit signing.
I am able to sign commits in OSX Terminal, and my Eclipse configuration preferences for Team>Git>Configuration show:
User Settings tab:
user:
name = [myname]
email = "[myname]@users.noreply.github.com"
signingkey = [mykey]
What I don't see in Eclipse is a place to enter (which is in .gitconfig):
commit:
gpgsign = true
Unverified means your signature is wrong. This can be if you commit with the wrong E-Mail/Password, if you haven't uploaded the Signature on GitHub(on that account) or if you've uploaded it wrongly.
Starting with the Eclipse IDE 2019-03 (4.11), which will be released on March 20, 2019, Git commits can be signed with a GPG key.
In the Git Staging view, there is an icon with a lock to enable signing:
If in your Git configuration commit.gpgsign
is set to true
, the button is pressed by default. As EGit does not delegate to the command line, but uses JGit (which is a Git implementation in Java) it does not matter which version of the command line Git is installed or if it is installed at all. To access the key store Bouncy Castle is used which means gpg.program
in the Git configuration is ignored.
In milestone 3 of the upcoming Eclipse release 2019-03 signing should alread work (on Windows there is a bug which has already been fixed; see my bug report for a workaround).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With