gitsign icon indicating copy to clipboard operation
gitsign copied to clipboard
verified publisher icon sigstore

docs: add instructions for setting up gitsign credential cache on Mac OS

Open lulf opened this issue 2 years ago • 3 comments

Summary

Instructions for running gitsign-credential-cache in the background on Mac OS.

Release Note

Documentation

lulf avatar Aug 16 '23 11:08 lulf

@cpanato Interesting, this is working for me, so maybe I have done something more that need to be in the instructions. Did you already remove the gitsign-credential-cache from quarantine or not? xattr -d com.apple.quarantine /path/to/gitsign-credential-cache. Also launchctl list should show if it gets picked up.

lulf avatar Aug 16 '23 19:08 lulf

@cpanato Interesting, this is working for me, so maybe I have done something more that need to be in the instructions. Did you already remove the gitsign-credential-cache from quarantine or not? xattr -d com.apple.quarantine /path/to/gitsign-credential-cache. Also launchctl list should show if it gets picked up.

the launchctl list shows that

$ launchctl list | grep git
-       78      gitsign-credential-cache

running the command you mentioned does not work looks like

$ xattr -d com.apple.quarantine ~/Library/LaunchAgents/gitsign-credential-cache.plist
xattr: /Users/cpanato/Library/LaunchAgents/gitsign-credential-cache.plist: No such xattr: com.apple.quarantine

when I do the export export GITSIGN_CREDENTIAL_CACHE="$HOME/Library/Caches/sigstore/gitsign/cache.sock"

and try to use I get

error: gpg failed to sign the data:
failed to get identity: error creating RPC socket client: dial unix /Users/cpanato/Library/Caches/sigstore/gitsign/cache.sock: connect: connection refused
Error: failed to get identity: error creating RPC socket client: dial unix /Users/cpanato/Library/Caches/sigstore/gitsign/cache.sock: connect: connection refused

cpanato avatar Aug 17 '23 07:08 cpanato

Kindly ping here. 🤞 It'd be great to move forward this PR for macOS users!

We (@developer-guy) found also this reference: https://gist.github.com/stand-sure/19d1f3e51746da1d1688b5c90ba65812 - We're able to get this to work:

cat << EOF > ~/Library/LaunchAgents/my.gitsign-credential-cache.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>KeepAlive</key>
    <true/>
    <key>Label</key>
    <string>my.gitsign-credential-cache</string>
    <key>ProgramArguments</key>
    <array>
            <string>/opt/homebrew/bin/gitsign-credential-cache</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>StandardErrorPath</key>
    <string>/opt/homebrew/var/log/gitsign-credential-cache.log</string>
    <key>StandardOutPath</key>
    <string>/opt/homebrew/var/log/gitsign-credential-cache.log</string>
</dict>
</plist>
<<EOF

Then:

launchtl load -w ~/Library/LaunchAgents/my.gitsign-credential-cache.plist
export GITSIGN_CREDENTIAL_CACHE="/Users/<your_username>/Library/Caches/sigstore/gitsign/cache.sock"

/cc @wlynch

Dentrax avatar Mar 20 '24 20:03 Dentrax