Signing commits and tags with GPG in the standard Git storage mode - Cloud - 8.0

Talend Studio User Guide
Version
Cloud
8.0
Language
English
Product
Talend Big Data
Talend Big Data Platform
Talend Cloud
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Module
Talend Studio
Content
Design and Development
If you have installed the 8.0 R2023-01 Studio monthly update or a later one provided by Talend, Talend Studio supports enabling Git signature verification and signing commits and tags with GPG in the standard Git storage mode.

Before you begin

  • The standard Git storage mode has been enabled in Talend Studio. For more information, see Enabling the standard Git storage mode.
  • A GPG key has been generated for Git signature verification. For more information, see Generating a new GPG key.
    Tip: You must note down the passphrase you use when generating a new GPG key. You need to enter the passphrase to unlock the GPG secret key in Talend Studio after enabling Git signature verification.

About this task

To enable Git signature verification in Talend Studio, do the following:

Procedure

  1. If you want to enable Git signature verification on a specific repository, add the corresponding local repository in the Git Repositories view as the following.
    1. From the menu bar, click Window > Show view... to open the Show View dialog box.
    2. In the Show View dialog box, expand Git and select Git Repositories.
    3. Click Open to open the Git Repositories view.
    4. Click in the upper-right corner of the Git Repositories view to open the Add Git Repositories dialog box.
    5. In the Directory field, browse to your local repository on which you want to enable Git signature verification.
    6. Select the local repository in the Search results list.
    7. Click Add.
      The local repository is added in the Git Repositories view.
  2. From the menu bar, click Window > Preferences to display the Preferences dialog box.
  3. On the tree view in the Preferences dialog box, click Version Control (Team) > Git > > Committing to display the relevant view.
  4. Select External GPG from the For signing commits and tags use drop-down list, and in the GPG Executable field, fill in or browse to the path to the GPG executable file.
  5. On the tree view in the Preferences dialog box, click Version Control (Team) > Git > > Configuration to display the relevant view.
  6. If you want to enable Git signature verification on all repositories, go to the User Settings tab.
  7. If you want to enable Git signature verification on a specific repository, go to the Repository Settings tab and select the repository from the Repository drop-down list.
  8. Add the following configuration entries one by one by clicking Add Entry... and in the pop-up dialog box, entering the key and the value for the entry in the corresponding fields.
    • The key commit.gpgsign with the value true for signing commits
    • The key tag.gpgSign with the value true for signing tags
    • The key user.signingkey with the GPG key ID as its value
  9. Click Apply and Close to save all your changes and close the Preferences dialog box.
    Git signature verification is now enabled and all commits and tags will be signed.

    Later, when you commit a change or create a new tag for the first time after enabling Git signature verification, a dialog box pops up, and you need to enter the passphrase you use when generating the GPG key.

    Note that commits will not be signed if the Sign Commit button is disabled in the Git Staging view.