diff options
author | Achilleas Pipinellis <axilleas@axilleas.me> | 2017-08-18 10:48:11 +0300 |
---|---|---|
committer | Achilleas Pipinellis <axilleas@axilleas.me> | 2017-08-18 10:52:35 +0300 |
commit | 4d4994f4cdf8d55009595b6feb3761f23823b8db (patch) | |
tree | 98bf9304dd9e09ee96619fcf875deb83802dae6b /doc/workflow | |
parent | 1b46a8360e0adffba79fad5730e94e333350f063 (diff) | |
download | gitlab-ce-4d4994f4cdf8d55009595b6feb3761f23823b8db.tar.gz |
Change GPG docs location
Diffstat (limited to 'doc/workflow')
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png | bin | 32699 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png | bin | 24514 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png | bin | 10331 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png | bin | 112812 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png | bin | 9542 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png | bin | 14029 -> 0 bytes | |||
-rw-r--r-- | doc/workflow/gpg_signed_commits/index.md | 84 |
7 files changed, 0 insertions, 84 deletions
diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png b/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png Binary files differdeleted file mode 100644 index e525083918b..00000000000 --- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png b/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png Binary files differdeleted file mode 100644 index 8e26d98f1b0..00000000000 --- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png b/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png Binary files differdeleted file mode 100644 index f715c46adc3..00000000000 --- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png b/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png Binary files differdeleted file mode 100644 index 16ec2d031ae..00000000000 --- a/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png b/doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png Binary files differdeleted file mode 100644 index 22565cf7c7e..00000000000 --- a/doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png b/doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png Binary files differdeleted file mode 100644 index 1778b2ddf2b..00000000000 --- a/doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png +++ /dev/null diff --git a/doc/workflow/gpg_signed_commits/index.md b/doc/workflow/gpg_signed_commits/index.md deleted file mode 100644 index 7d5762d2b9d..00000000000 --- a/doc/workflow/gpg_signed_commits/index.md +++ /dev/null @@ -1,84 +0,0 @@ -# Signing commits with GPG - -## Getting started - -- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work) -- [Git Tools - Signing Your Work: GPG introduction](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_gpg_introduction) -- [Git Tools - Signing Your Work: Signing commits](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_signing_commits) - -## How GitLab handles GPG - -GitLab uses its own keyring to verify the GPG signature. It does not access any -public key server. - -In order to have a commit verified on GitLab the corresponding public key needs -to be uploaded to GitLab. - -For a signature to be verified two prerequisites need to be met: - -1. The public key needs to be added to GitLab -1. One of the emails in the GPG key matches your **primary** email - -## Add a GPG key - -1. On the upper right corner, click on your avatar and go to your **Settings**. - - ![Settings dropdown](../../gitlab-basics/img/profile_settings.png) - -1. Navigate to the **GPG keys** tab. - - ![GPG Keys](img/profile_settings_gpg_keys.png) - -1. Paste your **public** key in the 'Key' box. - - ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png) - -1. Finally, click on **Add key** to add it to GitLab. You will be able to see - its fingerprint, the corresponding email address and creation date. - - ![GPG key single page](img/profile_settings_gpg_keys_single_key.png) - ->**Note:** -Once you add a key, you cannot edit it, only remove it. In case the paste -didn't work, you will have to remove the offending key and re-add it. - -## Remove a GPG key - -1. On the upper right corner, click on your avatar and go to your **Settings**. - -1. Navigate to the **GPG keys** tab. - -1. Click on the trash icon besides the GPG key you want to delete. - ->**Note:** -Removing a key **does not unverify** already signed commits. Commits that were -verified by using this key will stay verified. Only unpushed commits will stay -unverified once you remove this key. - -## Revoke a GPG key - -1. On the upper right corner, click on your avatar and go to your **Settings**. - -1. Navigate to the **GPG keys** tab. - -1. Click on **Revoke** besides the GPG key you want to delete. - ->**Note:** -Revoking a key **unverifies** already signed commits. Commits that were -verified by using this key will change to an unverified state. Future commits -will also stay unverified once you revoke this key. This action should be used -in case your key has been compromised. - -## Verifying commits - -1. Within a project navigate to the **Commits** tag. Signed commits will show a - badge containing either "Verified" or "Unverified", depending on the - verification status of the GPG signature. - - ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png) - -1. By clicking on the GPG badge details of the signature are displayed. - - ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png) - - ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png) |