Configuring a GPG Public Key
Introduction
GNU Privacy Guard (GPG) is a method used for digital signature and authentication. When you push the local code to CodeArts Repo, a GPG public key ensures trusted sources and code integrity by signing and verifying Git code commits and tags in Git. You can view Constraints and configure a GPG public key by referring to Procedure.
The procedure for generating and using a GPG public key is as follows:
- Generate a GPG public key. Generate a key pair consisting of a public key and a private key by referring to Configuring a GPG Public Key, and configure the GPG public key to CodeArts Repo. The private key is kept confidential.
- Sign data. When developers want to sign code commits, they can use their own private keys to sign the code commits.
- Verify the signature. CodeArts Repo can verify the signature using the public key. If the verification is successful, the data has not been tampered with and comes from the user associated with the GPG public key.
Procedure
- Download the GPG key generation tool from gpg4win official site.
- Run the gpg --full-generate-key command on the local Git client, select the encryption algorithm, key length, expiration time, and correctness in sequence as prompted, and enter a username, email address, and comment, as shown in Figure 1.
- After confirming that the information is correct, type O and press Enter as prompted. In the displayed dialog box for entering and confirming the password, enter the correct password to generate a key.
If the information shown in Figure 2 is displayed, the GPG key is generated successfully.
- Run the following command to export the public key:
gpg --armor --export
As shown in Exporting the GPG public key, copy the public key to the clipboard, including -----BEGIN PGP PUBLIC KEY BLOCK----- and -----END PGP PUBLIC KEY BLOCK-----. - Log in to the repository list page of CodeArts Repo, click the alias in the upper right corner, and choose This Account Settings > Repo > GPG Public Keys.
- Click New GPG Public Key. On the page that is displayed, set the following parameters.
Table 1 Parameters for creating a GPG public key Parameter
Description
Title
Custom GPG public key name with a maximum of 200 characters.
GPG Public Keys
Paste the GPG public key copied from 4 to this text box.
Description
Optional. Enter a maximum of 200 characters. If the description is empty, -- will be displayed in the list.
- Click OK. If the GPG public key is created successfully, the GPG public key list page is displayed. You can delete the GPG public key when you do not need it.
If the public key fails to be added, check whether there are redundant spaces before and after the public key or whether it has already been added.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot