Can't verify signature with forgejo/gitea

unikitty
unikitty
Community Member
in SSH

I’m having trouble getting signed Git commits working with forgejo/gitea, and there are only instructions for GitHub/GitLab in the documentation.

The commits have a GitHub no-reply email address on them, the address is added to my Forgejo account, and has been manually verified by the admin. I can successfully push commits with this email address to the Forgejo server.

Signing is working locally:

╰─▷ git log --show-signature
commit 692cf7c5b97bd14295fc50c5cb4ebd4b4d6584f1 (HEAD -> master, origin/master)
Good "git" signature for me@users.noreply.github.com with ED25519 key SHA256:oiB…
Author: Me <me@users.noreply.github.com>

…and I have the key uploaded to Forgejo, but there is no option to set the key to be signing, or authentication+signing. So I can push commits with that key, but it won't verify the signature.

Is there a way to do this with Forgejo? Presumably, it would be the same way as Gitea, but I haven't found any posts with solutions for that, either.

1Password Version: 1Password for Mac 8.10.34 (81034040)
Extension Version: 2.25.1
OS Version: macOS 14.5 (23F79)
Browser: Vivaldi

Comments

  • unikitty
    unikitty
    Community Member

    Actually, I fixed it. You have to actually click the Verify button once you've added the key, export the private key to a temporary file, then run the code provided against that file and paste the result into Forgejo. Then the commits show as having the signature validated. 🤦‍♂️