diff options
authorLinus Torvalds <>2005-10-06 21:10:39 (GMT)
committerJunio C Hamano <>2005-10-06 21:23:29 (GMT)
commitbc162e40ea6dc3208e3bda76301d6409607ed3ff (patch)
parent12aac5de3dd73a1f9d03f81c5b0087e71794cee7 (diff)
Allow "-u" flag to tag signing
The current "git tag -s" thing always uses the tagger name as the signing user key, which is very irritating, since my key is under my email address, but the tagger key obviously contains the actual machine name too. Now, I could just use "GIT_COMMITTER_EMAIL" and force it to be my real email, but I actually think that it's nice to see which machine I use for my work. So rather than force my tagger ID to have to match the gpg key name, just support the "-u" flag to "git tag" instead. It implicitly enables signing, since it doesn't make any sense without it. Thus: git tag -u <gpg-key-name> <tag-name> [<tagged-object>] will use the named gpg key for signing. Signed-off-by: Linus Torvalds <> Signed-off-by: Junio C Hamano <>
2 files changed, 29 insertions, 11 deletions
diff --git a/Documentation/git-tag.txt b/Documentation/git-tag.txt
index 1e0d4f5..1eafeef 100644
--- a/Documentation/git-tag.txt
+++ b/Documentation/git-tag.txt
@@ -10,19 +10,27 @@ git-tag - Create a tag object signed with GPG
-'git-tag' [-s | -a] [-f] <name>
+'git-tag' [-a | -s | -u <key-id>] [-f] [-m <msg>] <name>
-Adds a "tag" reference in .git/refs/tags/
+Adds a 'tag' reference in .git/refs/tags/
-Unless "-f" is given, the tag must not yet exist in ".git/refs/tags"
+Unless `-f` is given, the tag must not yet exist in
+`.git/refs/tags/` directory.
-If "-s" or "-a" is passed, the user will be prompted for a tag message.
-and a tag object is created. Otherwise just the SHA1 object
-name of the commit object is written.
+If one of `-a`, `-s`, or `-u <key-id>` is passed, the command
+creates a 'tag' object, and requires the tag message. Unless
+`-m <msg>` is given, an editor is started for the user to type
+in the tag message.
-A GnuPG signed tag object will be created when "-s" is used.
+Otherwise just the SHA1 object name of the commit object is
+written (i.e. an lightweight tag).
+A GnuPG signed tag object will be created when `-s` or `-u
+<key-id>` is used. When `-u <key-id>` is not used, the
+committer identity for the current user is used to find the
+GnuPG key for signing.
diff --git a/ b/
index 76c1bcd..9afdf5c 100755
--- a/
+++ b/
@@ -4,7 +4,7 @@
. git-sh-setup || die "Not a git archive"
usage () {
- echo >&2 "Usage: git-tag [-a | -s] [-f] [-m "tag message"] tagname"
+ echo >&2 "Usage: git-tag [-a | -s | -u <key-id>] [-f] [-m <msg>] <tagname>"
exit 1
@@ -12,6 +12,7 @@ annotate=
while case "$#" in 0) break ;; esac
case "$1" in
@@ -30,6 +31,12 @@ do
+ -u)
+ annotate=1
+ signed=1
+ shift
+ username="$1"
+ ;;
@@ -50,6 +57,7 @@ shift
object=$(git-rev-parse --verify --default HEAD "$@") || exit 1
type=$(git-cat-file -t $object) || exit 1
tagger=$(git-var GIT_COMMITTER_IDENT) || exit 1
+: ${username:=$(expr "$tagger" : '\(.*>\)')}
trap 'rm -f .tmp-tag* .tagmsg .editmsg' 0
@@ -65,13 +73,15 @@ if [ "$annotate" ]; then
grep -v '^#' < .editmsg | git-stripspace > .tagmsg
- [ -s .tagmsg ] || exit
+ [ -s .tagmsg ] || {
+ echo >&2 "No tag message?"
+ exit 1
+ }
( echo -e "object $object\ntype $type\ntag $name\ntagger $tagger\n"; cat .tagmsg ) > .tmp-tag
rm -f .tmp-tag.asc .tagmsg
if [ "$signed" ]; then
- me=$(expr "$tagger" : '\(.*>\)') &&
- gpg -bsa -u "$me" .tmp-tag &&
+ gpg -bsa -u "$username" .tmp-tag &&
cat .tmp-tag.asc >>.tmp-tag ||
die "failed to sign the tag with GPG."