Fork me on GitHub

n. Slang a rough lawless young Kuali developer.
[perhaps variant of Houlihan, Irish surname]
kualiganism n

Blog of an rSmart Java Developer. Full of code examples, solutions, best practices, et al.

Saturday, December 7, 2013

Signing Git Commits


After Kuali Days, one of my takeaways was that the switch from SVN to Git is pretty imminent. I am just posting a quick example of how to digitally sign commits which is a great feature in Git.

Why Sign Commits?

Actually, you can sign commits, tags, and branches in Git. Just as an example though, let's look at commits.

For those of you that are familiar with the creator of Git, Linus Torvalds, here is a quote from the rather lengthy correspondence on GitHub:

(b) since github identities are random, I expect the pull request to
be a signed tag, so that I can verify the identity of the person in


1 First setup a PGP Key

I use gpg on the Mac. There are plenty of other blog posts, etc... on how to setup GPG on your Mac/PC. I'm going to assume that you have already done this.

2 Create a KeyPair

Once you have GPG setup, you'll want a keypair. Again, there are lots of blogs out there on how to do this.

3 Add Key to Git Configuration

Assuming you already have GPG setup and your keypair is created, you should be able to do the following:

(19:42:09) [24] gpg --list-keys
pub   4096R/7B2D3C57 2012-03-04 [expired: 2013-03-04]
uid                  Leo Przybylski 

pub   4096R/2349D2B7 2012-07-07
uid                  Leo Przybylski (For Examples) 
sub   4096R/ED1F82E4 2012-07-07

pub   4096R/2DDF1261 2013-06-04 [expires: 2014-06-04]
uid                  Leo Przybylski (Personal Key) 
sub   4096R/71EA9FC8 2013-06-04 [expires: 2014-06-04]

Each key has a particular ID. I have marked the one for this example in bold (2DDF1261).

To add your key to Git, you would execute the following:
git config --global user.signingkey 2DDF1261

4 Commit some code

Now that we have it setup, let's commit something.

(20:03:36) [192] git commit -S -am "Fixing forking issue by adding a boolean to check if forking is allowed and only sync the netty channel when forking is NOT required."

You need a passphrase to unlock the secret key for
user: "Leo Przybylski (Personal Key) "
4096-bit RSA key, ID 2DDF1261, created 2013-06-04

5 Check the Commit Log

Now we need to check the commit log with git log --show-signature

commit 6d97de7e977fc3ff6b2fb95d1645f16db764ebfc
gpg: Signature made Sat Dec  7 10:56:35 2013 MST using RSA key ID 2DDF1261
gpg: Good signature from "Leo Przybylski (Personal Key) "
Author: Przybylski 중광 
Date:   Sat Dec 7 10:56:35 2013 -0700

    Fixing forking issue by adding a boolean to check if forking is allowed and only sync the netty channel when forking is NOT required


There you have it. Now you can sign your commits and/or tags in Git!

New Maven Plugin! redis-maven-plugin


As many of you know, I've been implementing the Data Dictionary with a Redis backing store. It seems like an obvious move, right? Move the DD out of memory and into its own separate application? Good news is we're about ready to release! This isn't about though! This is about the redis-maven-plugin. While working on the Redis backing store, it occurred to me that a redis server that automagically started and ran embedded for integration tests would be a really really good thing. I looked around github, but couldn't find one at the time. This is the sad news. I didn't exactly know how to do it, so I asked for help. In asking for help, some other folks thought to give it a shot instead of joining my project. Now there are a few different versions out there. I still think this is the most complete though.


Here's how you can go about using it.

For Integration Tests

Just add the following plugin. The redis plugin is automatically attached to the pre-integration-test and post-integration-test phases.

Attaching to Another Phase

In case (for whatever reason), you don't want your redis server started/stopped with integration tests, here's how you would configure it.

Running Unforked

Sometimes there is a need to just crank up a redis server while you're running your project, but you're not running integration tests. For example, maybe you're running a tomcat7 instance of your application that requires an embedded redis server. We can do that! Or maybe you just need a quick redis server for whatever.

Add the following to your $HOME/.m2/settings.xml

Execute the following:

mvn redis-server:start-no-fork


That's it.

It's been awhile since I've posted on here. I'd like to give a "heads up" on blog posts I'm working on. These are in no particular order.

  • Signed Git Commits
  • Ducktyping Rice Web Services
  • Follow-up to Development environments with Vagrant
  • Multi-environment Log Management with Elasticsearch, Kibana, and Logstash
  • Developing with JRebel (KS, Rice, KC, and KFS)
  • Kuali Student and MySQL Setup
  • Writing Useful Logging and Performance Logging with Perf4J
  • Improvements on KS/KFS Archetypes