Skip to content

Commit

Permalink
Correct doc about the Git module verify_commit param
Browse files Browse the repository at this point in the history
All that is required to verify the signature is that the matching
public key is present in the remote user's keyring. There is no need
for GnuPG to explicitly trust the authenticity of the key.

Not Ansible specific, but rather the behavior of the `git verify-commit`
and the `git verify-tag` command line invocations.
  • Loading branch information
andreaso authored and bcoca committed Jul 3, 2017
1 parent bda066f commit 42408a9
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/ansible/modules/source_control/git.py
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@
- if C(yes), when cloning or checking out a C(version) verify the
signature of a GPG signed commit. This requires C(git) version>=2.1.0
to be installed. The commit MUST be signed and the public key MUST
be trusted in the GPG trustdb.
be present in the GPG keyring.
archive:
required: false
Expand Down

0 comments on commit 42408a9

Please sign in to comment.