| View previous topic :: View next topic |
| Author |
Message |
LemonadeLlama
Tux's lil' helper
Joined: 26 May 2021
Posts: 105
Location: New Zealand
|
 Posted: Thu Jan 27, 2022 8:53 am Post subject: [SOLVED]Aspiring developer has difficulty with merge request |
 |
|
Hello everyone. I am trying to push a change to the net-p2p/rtorrent package, in order to daemonise it properly. I have created a pull request here.
The issue is that I can't figure out how to get gpg keys working  . I followed the guide here, but I still don't know what I'm missing.
I really want to make this change official, but I can't get these damn keys working!  If anyone has experience with GPG keys and signing commits, that would be much appreciated.
Last edited by LemonadeLlama on Thu Jan 27, 2022 8:05 pm; edited 2 times in total |
|
| Back to top |
|
 |
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 31373
Location: here
|
| Posted: Thu Jan 27, 2022 9:23 am Post subject: |
|
|
I think you don't need a gpg key because final merge is done by a developer and that need to be signed by a gpg key.
To add 'Signed-off-by: ' you should only add --signoff option to git or use repoman commit -m <message> that check also other problem on your commit.
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
LemonadeLlama
Tux's lil' helper
Joined: 26 May 2021
Posts: 105
Location: New Zealand
|
| Posted: Thu Jan 27, 2022 9:32 am Post subject: |
|
|
| fedeliallalinea wrote: | | you should only add --signoff option to git |
I tried updating my commit with that option and it didn't work. Note that this is on my gentoo fork because that's how I originally did my change.
| Code: |
$ git commit --amend --no-edit --signoff
error: gpg failed to sign the data
fatal: failed to write commit object
|
I also tried cloning the guru repo and copying my change there, but now I can't commit at all, even though it tries adding my signoff message:
| Code: |
~/Repositories/guru $ git commit --signoff
error: gpg failed to sign the data
fatal: failed to write commit object
|
|
|
| Back to top |
|
|
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 31373
Location: here
|
| Posted: Thu Jan 27, 2022 9:44 am Post subject: |
|
|
Probably because you added
| Code: | $ git config --local commit.gpgsign 1
$ git config --local push.gpgsign 1 |
in your git configuration
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
LemonadeLlama
Tux's lil' helper
Joined: 26 May 2021
Posts: 105
Location: New Zealand
|
| Posted: Thu Jan 27, 2022 9:48 am Post subject: |
|
|
| fedeliallalinea wrote: | Probably because you added
| Code: | $ git config --local commit.gpgsign 1
$ git config --local push.gpgsign 1 |
in your git configuration |
I did that because I was following this guide, at the request of someone in the pull request.
Should I remove that part of my config? |
|
| Back to top |
|
|
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 31373
Location: here
|
| Posted: Thu Jan 27, 2022 9:54 am Post subject: |
|
|
| LemonadeLlama wrote: | | Should I remove that part of my config? |
I'm not sure, but since the merge will be done by a developer with his gpg key I would say yes.
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
Ionen
Developer
Joined: 06 Dec 2018
Posts: 2887
|
| Posted: Thu Jan 27, 2022 10:00 am Post subject: |
|
|
| Code: | | $ git config --local push.gpgsign 1 |
Note that github doesn't support push signing (only commit signing) so it's not usable for PRs, Gentoo's own git servers do use that though.
It's not necessary to use same configuration as GURU for PRs anyhow, can keep per-repo configs too.
| fedeliallalinea wrote: | I think you don't need a gpg key because final merge is done by a developer and that need to be signed by a gpg key.
To add 'Signed-off-by: ' you should only add --signoff option to git or use repoman commit -m <message> that check also other problem on your commit. |
Yep, this is right. A dev will review the changes (checking that it's sane and not tempered with), and then gpg sign it with their own key on merge, we don't really care whether the PR itself is gpg signed.
Not to be confused with the GCO signoff which is really just a text line in the summary to acknowledge GLEP76 and is unrelated to gpg (and we do need that, /could/ be skipped on trivial changes where you couldn't be listed as the author without it, but always having it reduces headaches). |
|
| Back to top |
|
|
LemonadeLlama
Tux's lil' helper
Joined: 26 May 2021
Posts: 105
Location: New Zealand
|
| Posted: Thu Jan 27, 2022 10:13 am Post subject: |
|
|
Performing the following allowed me to sign my commit:
| Code: |
git config --local commit.gpgsign 0
git config --local push.gpgsign 0
|
And yes, I was mixing up PGP keys and the GCO signoff  |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22891
|
| Posted: Thu Jan 27, 2022 3:55 pm Post subject: |
|
|
| Would you consider this thread solved? If so, please edit the title of the opening post accordingly. |
|
| Back to top |
|
|
|
Portage & Programming
