GIT-SIGN-FOR-CGIT(1) | General Commands Manual | GIT-SIGN-FOR-CGIT(1) |
NAME
git-sign-for-cgit
—
store a signature of an object for release with cgit
SYNOPSIS
git sign-for-cgit |
[-f format]
object |
DESCRIPTION
git-sign-for-cgit
creates a signed checksum list for an
archive of the named object. The list is stored in
refs/notes/signatures/<format> using
git-notes(1), and is suitable for distribution via cgit.
To publish the signature, push refs/notes/signatures/<format> to the remote cgit repository. cgit will then automatically pick the right signature for the respective archive format. See NOTES for an in-depth discussion of how this works.
Signatures are created with signify(1) using the
secret key defined in SIGNIFY_SECKEY
. If unset, the
key at ~/.signify/release.sec is used instead.
For supported archive formats, see git-archive(1). A default archive format can be set via git-config(1), using the package.format option. Note that the chosen archive format must also be supported by cgit.
The options are as follows:
-f
format- The format of the underlying archive. Defaults to package.format, or tar.gz if unset.
ENVIRONMENT
SIGNIFY_SECKEY
- The secret key to use for signing.
FILES
- ~/.signify/release.sec
- The secret key to use if
SIGNIFY_SECKEY
is unset or empty.
NOTES
- Hosting signify signatures on cgit
https://oriole.systems/posts/signify-cgit
SEE ALSO
git(1), git-archive(1), git-config(1), git-notes(1), signify(1), cgitrc(5)AUTHORS
git-sign-for-cgit
was written by
Wolfgang Müller .
July 17, 2021 |