Currently, signing is only supported with commits in Git repos. See Git's documentation on "Signing Your Work" for more context.
Note that Sapling has a single configuration for your identity:
$ sl config ui.username
Alyssa P. Hacker <firstname.lastname@example.org>
whereas Git has these as separate items:
$ git config user.name
Alyssa P. Hacker
$ git config user.email
You must ensure that:
- Your value of
ui.usernamecan be parsed as
- When parsed, these values match what you specified for Real name and Email address when you created your GPG key.
In Git, you would configure your repo for automatic signing via:
git config --local user.signingkey B577AA76BAE505B1
git config --local commit.gpgsign true
Because Sapling does not read values from
git config, you must add the analogous configuration to Sapling as follows:
sl config --local gpg.key B577AA76BAE505B1
Sapling's equivalent to Git's
commit.gpgsign config is
gpg.enabled, but it
--local is used to enable signing for the current repository. Use
--user to default to signing for all repositories on your machine.
Support for signing commits is relatively new in Sapling, so we only support a subset of Git's functionality, for now. Specifically:
- There is no
sl commitor other commands, as signing is expected to be set for the repository. To disable signing for an individual action, leveraging the
--configflag like so should work, but has not been heavily tested:
sl --config gpg.enabled=false <command> <args>
- While Git supports multiple signing schemes (GPG, SSH, or X.509), Sapling supports only GPG at this time.
The Git documentation on GPG is a bit light on detail when it comes to ensuring you have GPG configured correctly.
First, make sure that
gpg is available on your
$PATH and that
gpg --list-secret-keys --keyid-format LONG lists the keys you expect. Note that you will have to run
gpg --gen-key to create a key that matches your Sapling identity if you do not have one available already.
A basic test to ensure that
gpg is setup correctly is to use it to sign a pice of test data:
echo "test" | gpg --clearsign
If you see
error: gpg failed to sign the data, try this StackOverflow article:
If you see
gpg: signing failed: Inappropriate ioctl for device, try: