GnuPG and GitLab

You can use your newly created key in GitLab very easily.

  1. Export your GnuPG key as explained in the main document:

    • gpg2 --armor --export [KEY_ID] | xclip -selection clipboard

  2. In your GitLab GPG Keys settings paste the contents of the public key and hit the Add key button.

  3. Configure your local git installation:

    • git config --global user.signingkey [KEY_ID]

    • git config --global gpg.program gpg2

  4. Use the -S switch to sign your commit:

    • git commit -S -m "Some changes"

Run the git config --global commit.gpgsign true command to sign all commits by default.

You should see your commits appearing as "Verified" on GitLab.

gpg gitlab
Make sure your GitLab profile page shows the "commit email" to be the same as the one you used for your key! Otherwise your commits will stay unverified.