From 74cffeae52e4d5b5ad4ea5696f68e30191670fb1 Mon Sep 17 00:00:00 2001 From: Michael Bahr Date: Wed, 4 Sep 2024 10:10:56 +0200 Subject: [PATCH] docs(batches): explain web commit signing requirement --- docs/admin/config/batch_changes.mdx | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/admin/config/batch_changes.mdx b/docs/admin/config/batch_changes.mdx index 455bb0acc..0da626424 100644 --- a/docs/admin/config/batch_changes.mdx +++ b/docs/admin/config/batch_changes.mdx @@ -188,6 +188,8 @@ Sourcegraph can be configured to [sign commits pushed to GitHub](https://docs.gi At present, only GitHub code hosts (both Cloud and Enterprise) are supported, and only GitHub App signing is supported. Support for other code hosts and signing methods may be added in the future. + Commit signing on GitHub Enterprise requires [web commit signing](https://docs.github.com/en/enterprise-server@3.14/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-web-commit-signing#enabling-web-commit-signing) to be enabled. Otherwise commits from GitHub apps will be unverified. + GitHub Apps are also the recommended way to [sync repositories on GitHub](/admin/code_hosts/github#using-a-github-app). However, **they are not a replacement for [PATs](/batch-changes/configuring-credentials#personal-access-tokens) in Batch Changes**. It is **also** necessary to create a separate GitHub App for Batch Changes commit signing even if you already have an App connected for the same code host for repository syncing because the Apps require different permissions. The process for creating each type of GitHub App is almost identical. To create a GitHub App for commit signing and connect it to Sourcegraph: