Setting up Git commit and tag signing with GnuPG on Mac OSX is not as straightforward as one would like it to be. Here are the steps I used to get it set up. Beforehand, I was getting the following error:
git commit -S -m "test signing"
error: gpg failed to sign the data
fatal: failed to write commit object
Getting GnuPG set up and configured properly
brew upgrade gnupg
brew link --overwrite gnupg
brew install pinentry-mac
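# /usr/local is the Homebrew prefix on Intel Macs; on Apple Silicon it is /opt/homebrew (check with: brew --prefix)
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
# stop the running agent so the next gpg call starts one that reads the new pinentry setting
killall gpg-agent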
Once that is set up, configure Git
# create a key if you have not already done so
gpg --gen-key
# configure git
git config --global gpg.program gpg
git config --global user.signingkey <key_id>
git config --global commit.gpgsign true # if you want to sign every commit
Add signing flag when committing or tagging
git commit -S -m 'Signed commit'
git tag -s v1.5 -m 'my signed 1.5 tag'
Viewing signatures
git show v1.5
git log --show-signature -1
Verifying signatures
# check tag signature
git tag -v <tag-name>
# verify signature before merging
git merge --verify-signatures signed-branch
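The verification commands above check one tag or one merge. The added example below (not part of the original post) goes a step further and audits every commit in a range using the status codes from git's `%G?` format placeholder. The function name `check_signatures`, the `ALLOW_UNTRUSTED` switch and the sample log lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: audit signature status for a range of commits.
# Feed it the output of:
#   git log --format='%H %G? %an' origin/main..HEAD | check_signatures
# %G? codes (from the git-log documentation):
#   G good                     U good, key validity unknown
#   B bad                      X good, signature expired
#   Y good, key expired        R good, key revoked
#   E cannot be checked        N no signature

# Reads "<hash> <code> <author>" lines on stdin, prints one line for each
# commit that is not acceptable, and returns 1 if any were found.
# ALLOW_UNTRUSTED=1 (hypothetical switch for this example) also accepts U.
check_signatures() {
    rc=0
    while read -r hash code author; do
        [ -n "$hash" ] || continue
        case "$code" in
            G) continue ;;
            U) if [ "${ALLOW_UNTRUSTED:-0}" = 1 ]; then continue; fi
               reason="valid signature, key not trusted" ;;
            B) reason="BAD signature" ;;
            X) reason="signature expired" ;;
            Y) reason="signed by expired key" ;;
            R) reason="signed by revoked key" ;;
            E) reason="cannot check (public key missing?)" ;;
            N) reason="not signed" ;;
            *) reason="unknown status '$code'" ;;
        esac
        printf '%s %s (%s)\n' "$hash" "$reason" "$author"
        rc=1
    done
    return $rc
}

# Constructed sample input (not real commits), in the format shown above.
SAMPLE_LOG='1111111 G Alice
2222222 N Bob
3333333 U Carol
4444444 B Mallory'

# Example run on the constructed sample:
#   printf '%s\n' "$SAMPLE_LOG" | check_signatures
```

Because the function returns non-zero on any unacceptable commit, it can gate a merge or CI step in the same way `git merge --verify-signatures` gates a single merge.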
I hope this is helpful for people looking to start signing their Git commits on OSX.