Table of Contents |
---|
Introduction
If you’re new to signed commits, then read our article on why you should sign commits. Note that not all Git platform support signed commits, and each platform may enforce different requirements for the types of keys that you can use to sign commits. For more information see our summary of common Git platforms and their support for signed commits.
MettleCI Workbench installs with signed commit capability disabled by default. You need to enable this functionality using a configuration file change which is described below.
Enable Git Signing for your Workbench instance
Git commit signing is enabled (or disabled) for your entire MettleCI Workbench instance, after which it is made available to those Workbench users who configure their Workbench user profiles appropriately. To enable Git commit signing in your Workbench instance set the commitSigningEnabled
to true
in your config.yml
file. See the the gitAuthentication
section in MettleCI Workbench Configuration Files Explained - gitAuthentication for an example of how to do this.
...
Create an SSH key pair at command line (guide here)
This should ideally be a user-specific key (i.e. not shared with other team members)
Check with your Git platform’s documentation for the type of keys which are compatible with it.
Upload the private key to your MettleCI Workbench profile
Click your avatar or user name in the top right-hand corner of the Workbench interface and select Profile.
The Git Signing Key heading will have a
label next to it if you have not already supplied a key value. Select the Upload Key checkbox, paste your private SSH key into the text field and click Update Profile.Status colour Yellow title NOT SUPPLIED When you upload your key to Workbench it encrypts it (using your DataStage password) and stores it safely in the a Java key store used for other Workbench SSH keys (e.g. supporting HTTPS access, for example)- the same method used to support accessing Workbench using HTTPS. Once accepted the Git Signing Key heading will have a
label next to it.Status colour Green title SUPPLIED
Upload the public key associated with your private SSH key to your account on your Git platform. See your Git platform’s instructions on how to achieve this.
Try performing a commit from MettleCI Workbench and check your Git platform to see if it’s recognised as a signed commit.
Note that not all Git platforms have a cviosual visual indicator of a commit being signed. See your Git platform’s instructions on how to verify that a commit has been signed.
You can delete your private SSH key at any time by selecting the Delete Key checkbox and clicking the Delete Key button.
...