Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GPG signing breaks commit flow #1146

Open
mewejo opened this issue Jan 20, 2021 · 10 comments
Open

GPG signing breaks commit flow #1146

mewejo opened this issue Jan 20, 2021 · 10 comments
Labels
bug Something isn't working

Comments

@mewejo
Copy link

mewejo commented Jan 20, 2021

Describe the bug
When signing commits with a GPG key (which is unlocked, but password protected), Lazygit gets booted out to a shell and prompts pressing enter to return to Lazygit.

To Reproduce
Steps to reproduce the behavior:

  1. Setup GPG signing (I have a passworded key in this example)
  2. Setup auto signing with git config --global commit.gpgsign true
  3. Make a commit via Lazygit
  4. Booted out of UI and have to press enter to return to Lazygit: https://github.com/jesseduffield/lazygit/blob/master/pkg/i18n/english.go#L823

Output when booted out:

➜  linux-scripts git:(master) ✗ lazygit 

+ bash -c git commit  -m "test: remove file"

[master 7e90dc1] test: remove file
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 test

Press enter to return to lazygit
➜  linux-scripts git:(master)

Expected behavior
Make the commit. Do not close the UI, do require pressing enter. Do not pass go :-)

Desktop:

  • OS: Pop!_OS (Ubuntu)
  • Lazygit Version: 0.23.2

Additional context
Maybe related to #30
@mewejo mewejo added the bug Something isn't working label Jan 20, 2021
@rafamadriz
Copy link

Same issue here, it would be nice if we could commit using gpg. For now it gives an error as described above

@fr3fou
Copy link

fr3fou commented Oct 13, 2021

Any news? I've got the same issue here too

@jesseduffield
Copy link
Owner

Sorry for the late reply on this one. My understanding was that gpg signing always required a password. Is this not the case? If so, we can add a config option for not switching to the subprocess. If gpg never asks for a password, we can stop switching to a subprocess altogether. Unfortunately I was never able to get gpg signing working properly on my mac, and I don't use it at work so I'm not across how it typically works.

@mewejo
Copy link
Author

mewejo commented Oct 22, 2021

Hey @jesseduffield - for me it sometimes asks for a password, kind of like sudo. It remembers for a set period of time.

@fr3fou
Copy link

fr3fou commented Oct 22, 2021
edited

Sorry for the late reply on this one. My understanding was that gpg signing always required a password. Is this not the case? If so, we can add a config option for not switching to the subprocess. If gpg never asks for a password, we can stop switching to a subprocess altogether. Unfortunately I was never able to get gpg signing working properly on my mac, and I don't use it at work so I'm not across how it typically works.

You can make the agent / keychain (not sure which) remember your password. It never asks me for mine

@rafamadriz
Copy link

My understanding was that gpg signing always required a password. Is this not the case?

It depends, as @fr3fou mentioned you can configure gpg to remember your password for a long period of time so it doesn't always ask for one. Also take into consideration that depending of user configuration, gpg might be configured to ask password in console, which if I remember correctly, messes up with lazygit because gpg tries to take over the terminal you're working on. Now if you're using the gtk/qt program it shouldn't be a problem.

@jesseduffield
Copy link
Owner

It sounds like the best approach here is to introduce a config option to override the default behaviour of switching to a subprocess if GPG signing is enabled. In that case, those who never need to provide a password never need to leave lazygit.

Unfortunately, dealing with the request for a password without switching to a subprocess is challenging. There's two ways I know of to do it:

  1. use a package like go-git (see here https://github.com/go-git/go-git/blob/db2bc57350561c4368a8d32c42476699b48d2a09/worktree_commit_test.go#L355) which I've had problems with in the past, and I'm not actually sure how it would work in this case.
  2. set the GIT_ASKPASS env var to point to the lazygit binary and have it open another lazygit application in a client-mode so that you can provide the details from the parent lazygit. This too is tricky to set up and I still have no idea whether it would be considered secure. I also suspect gpg signing doesn't actually make use of GIT_ASKPASS.

@jesseduffield
Copy link
Owner

just realised we actually already have a config key for this: git.overrideGpg

@bogosj
Copy link

bogosj commented Dec 4, 2021
edited

lazygit was having issues for me when my gpg key wasn't unlocked. I've updated my alias to prime gpg-agent (I think...) and it seems to have stopped the failure condition I was running into.

alias lg='echo "foo" | gpg --sign -u [myemail] > /dev/null; lazygit'

@bartgol bartgol mentioned this issue Jan 27, 2022
Closed
@BrianHicks
Copy link

I subscribed here to see if there's a better solution 👋 eventually 👋 but in the meantime it looks like git.overrideGpg solves the "GPG never asks for my password, so stop dumping me to a prompt on commit" problem, at least for me. Thank you, @jesseduffield!

@mwinckler mwinckler mentioned this issue Apr 7, 2023
Closed
@eldios eldios mentioned this issue Apr 7, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@BrianHicks @mewejo @fr3fou @jesseduffield @bogosj @rafamadriz