Today GitHub's weekly newsletter brought me this handy Guide about GPG signing, git and GitHub. I tried setting everything up after GitHub released the feature back in April 2016, but I couldn't get it to work with Tower because the app doesn't officially support it.
@dmilith Currently, support for PGP signing is not planned. Although I wouldn't say "never"...— Tower (@gittower) January 29, 2014
After some research and tinkering, I found a working solution for me. Here's how I've done it:
1. Follow @pstadler's Guide
Just follow Patrick's guide step by step. I would also recommend to do the extra work and complete the optional steps for a password-less process.
2. Create a GPG wrapper command
Create a new executable file here
/usr/local/bin/gpg_wrap. It will contain the following code:
#!/bin/sh /usr/local/bin/gpg --batch $*
Thanks to @dmilith on Twitter for the idea!
3. Update your
Add the following line to your
[gpg] program = /usr/local/bin/gpg_wrap
That's it! Now you should be able to sign your Git commits with your selected GPG key without leaving Tower!