New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support commit signing for homebrew taps (and maybe other platforms too) #4616
Comments
still don't know if I want to do this, for the same reasons laid of in the original issue. that said, if you use the |
closing as not possible with github api. |
Commits made by GitHub GraphQL API are automatically signed. |
thats a very big change, not sure if its worth the risk |
Maybe you can re-open and add a label for community vote? If it gets enough +1s, then it can be implemented if it gets high demand. |
if someone PRs it, I'm willing to accept. Probably would have to be opt-in for now at least, as there's a too many details already taken care of in the current implementation... I wouldn't feel confident to just switch it, I think. |
I think we don't have change the whole implementation. We can just update the following part to use GraphQL API. Rest other things will remain same as they are now - use REST API. goreleaser/internal/client/github.go Lines 288 to 337 in 554ca5f
Edit: GraphQL API doesn't support custom commit author name and email, so we can make it optional with a config parameter like: # .goreleaser.yaml
github:
sign_commits: true # boolean and based on that use GraphQL API. If custom commit author and email is set along with sign_commits parameter, just give a warning that they will be ignored. |
I would rather make it more explicit, something like: github:
use_graphql_api: true and we can start with the commit only, but eventually I'd say to reimplement the whole client |
That can also be done. We can implement things one-by-one and switch to GraphQL API. |
Is your feature request related to a problem? Please describe.
Support GPG and SSH commit signing where we push to Git repos, like homebrew taps/winget-pkgs.
Pushing commit fails, or PR is not able to merge, where "Require signed commits" is enabled in branch protection rules (see option 9 - https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule#creating-a-branch-protection-rule)
Describe the solution you'd like
GitHub (google/go-github) SDK provides a way to sign commits.
https://github.com/google/go-github/blob/master/github/git_commits.go
Previous issue:
brew
option to publish homebrew formula does not support signed commits. #1774Originally posted by @radeksimko in #1774 (comment)
Describe alternatives you've considered
N/A
Search
Supporter
Code of Conduct
Additional context
No response
The text was updated successfully, but these errors were encountered: