These instructions create an SSH-format developer key for signing git commits, configure git to use that key by default, and set defaults so that the signature is applied to all git commits.
Combined with an identity agent specified in ~/.ssh/config and the SSH_AUTH_SOCK environment variable, this makes VSCode hand the request for your key decryption password to the system's identity agent.
These instructions have been tested on Mac OS X with 1Password set as the identity agent.

- Create a developer key using ssh-keygen. Add the SSH signing key to GitHub.

      NAME="John Doe" sh -c 'ssh-keygen -t ed25519 -f ~/.ssh/id_developer -C "$NAME: Developer Key"'

- Configure ~/.gitconfig on your local machine (example below) to:
  a. specify the SSH public signing key,
  b. sign commits by default, and
  c. format the git commit message to indicate the signature by default ("git commit -s").
- When dev-containers makes the container, it will import these settings. Alternatively, you can edit the existing container's ~/.gitconfig.
- Configure the VSCode git settings under Settings->Extensions->Git: turn on "Enable Commit Signing" and "Always Sign Off" to sign and annotate the commit message by default.
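
Example ~/.gitconfig:

[user]
    email = [email protected]
    name = John Doe
    username = j.doe
    # SSH public signing key (public half of the developer key created above)
    signingkey = << public key here >>
[init]
    defaultbranch = main
[gpg]
    # sign with an SSH key instead of OpenPGP
    format = ssh
[commit]
    # sign every commit by default
    gpgsign = true
[format]
    # git's format.signoff sets the -s/--signoff default for git format-patch
    signoff = true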