Commits
- Commit:
d68f2c0e20f502d7bea2f0136527683f830b3d6c
- From:
- Josh Rickmar <jrick@zettaport.com>
- Date:
add signer_id option to got.conf(5)
Setting this option will cause 'got tag' to sign all created tags using
the SSH key, unless overridden by the -s flag.
ok stsp@
- Commit:
4d5ee9564a9e46a1f634f619833c62f636cfbdc1
- From:
- Josh Rickmar <jrick@zettaport.com>
- Date:
create and verify tags signed by SSH keys
This adds a new -s flag to 'got tag' that specifies the signer
identity (for example, a key file) of the tagger. The tag object will
include a signature that validates each of the tag object headers and
the tag message.
Verifying these signed tags requires maintaining an allowed signers
file which maps signer identities (i.e. the email address of the
tagger) to SSH public keys. See ssh-keygen(1) for more details of the
allowed signers file. After creating this file and providing the path
to it in got.conf(5) using the allowed_signers option, tags may be
verified using with 'got tag -V tag_name'. The return code will be
non-zero if a signature fails to verify.
ok stsp@
- Commit:
50b0790ed9a28fced631f31e5b7ca76a9a610ea5
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add per-worktree got.conf(5) file in the .got directory; ok millert