How to sign a commit using this script

[tgrieger-sf]

I am trying to use this script to open a PR with a signed commit but I am having troubles actually getting the commit signed. The account I am using has a GPG key set up in github. What I've been trying to do is pass something into the signature_key parameter on Dependabot::PullRequestCreator.new but I'm not sure if that's the right way to do it or what exactly I should be passing to that. Any help would be greatly appreciated!

[codebasky]

I too face the same issue. Getting 'gpgme_op_sign_result': NULL pointer given (ArgumentError)'
Passed the GPG Key as signature_key parameter to Dependabot::PullRequestCreator.new.

@tgrieger-sf did you able to fix it?

`Source: {:type=>"default", :source=>"github.com/go-chi/chi/v5"}

• Updating github.com/go-chi/chi/v5 (from 5.0.8)…(to 5.1.0)/Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/ctx.rb:534:in gpgme_op_sign_result': NULL pointer given (ArgumentError) from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/ctx.rb:534:in sign_result'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/crypto.rb:251:in rescue in block in sign' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/crypto.rb:248:in block in sign'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/ctx.rb:80:in new' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/crypto.rb:242:in sign'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/commit_signer.rb:65:in signature' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/github.rb:518:in commit_signature' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/github.rb:267:in commit_options' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/github.rb:240:in create_commit' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/github.rb:206:in create_annotated_pull_request' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator/github.rb:120:in create' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/dependabot-common-0.265.0/lib/dependabot/pull_request_creator.rb:239:in create' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in bind_call'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/call_validation.rb:270:in validate_call' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/sorbet-runtime-0.5.11481/lib/types/private/methods/_methods.rb:277:in block in _on_method_added'
  from ./generic-update-script.rb:260:in block in <main>' from ./generic-update-script.rb:177:in each'
  from ./generic-update-script.rb:177:in <main>' /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/ctx.rb:529:in sign': Unusable secret key (GPGME::Error::UnusableSecretKey)
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/crypto.rb:249:in block in sign' from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/ctx.rb:80:in new'
  from /Users/baskars/.rbenv/versions/3.1.6/lib/ruby/gems/3.1.0/gems/gpgme-2.0.24/lib/gpgme/crypto.rb:242:in sign'

[tgrieger]

I was on the right track with passing in the signature_key parameter but was just formatting it incorrectly. What I do now when I run the script is add the output of export SIGNATURE_KEY=$(gpg --export-secret-keys -a <key id>) as an environment variable and pass the environment variable value in as the signature_key parameter

[testbasky]

I was on the right track with passing in the signature_key parameter but was just formatting it incorrectly. What I do now when I run the script is add the output of export SIGNATURE_KEY=$(gpg --export-secret-keys -a <key id>) as an environment variable and pass the environment variable value in as the signature_key parameter

Thanks a lot @tgrieger that solved for me. I can do signed commit as well.