Install and configure the development environment

[dev-nguyenhoanganh]

Install and configure the development environment

• [x] Turn on protect branch feature (Require signed commits, Block force pushes, ...)
• [x] Clone repo and set GPG key for commits

[dev-nguyenhoanganh]

How to create signature verification for commits

1. Download then install GPG software
2. Execute command gpg --full-generate-key then do the following step: Each time commit code, we will need to re-enter the passphrase, so we need to save the passphrase for later use.
3. Execute the following commands

# List the long form of the GPG keys for which we have both a public and private key.
gpg --list-secret-keys --keyid-format=long

# Prints the GPG key ID, in ASCII armor format
gpg --armor --export [short-key]

sec rsa4096/[short-key] 2024-02-12 [SC]

4, Copy GPG key, beginning and ending with

-----BEGIN PGP PUBLIC KEY BLOCK-----
[huge-ascii-key]
-----END PGP PUBLIC KEY BLOCK-----

5, Add the GPG key to your GitHub account: Setting > SSH and GPG keys > New GPG key

6, Telling Git about signing key

git config --global user.signingkey [short-key]
git config --global commit.gpgsign true
git config --global gpg.program "C:/Program Files (x86)/gnupg/bin/gpg"