git push always asking for signing even when explicitly disabled

[jaypikay]

I have checked that my configuration is not signing any commits (global/local).

Even with git push --no-signed with git commit --no-gpg-sign I get asked to sign the push.

[quexten]

Git push does not do commit signing. Instead this is about logging in to github.com to push.
git has 2 ways to push, https and SSH. When using ssh as the transport, and if you configured your ssh auth socket to goldwarden, it will ask you to sign for the ssh login to github.com required for the push, since the ssh key stored in goldwarden is used to authenticate to github.

What exactly do you want to achieve? Do you want to sign some commits? Do you want to sign no commits but use goldwarden to hold the ssh keys for pushing to github? Do you want to use local ssh keys (not stored in goldwarden) for github, but goldwarden ssh keys for login into other servers? Or is it just about the request being annoying? (for the last one there is this issue: #143).

[jaypikay]

When using lazygit, or scripts accessing performing actions on a few git repositories, I was asked to authorize the key usage to sign in (which is find and controlled by polkit), but then it asked to sign using the ssh key.

I am not 100% sure what actually helped, but I have switched back to gpgsign=true, but have not enabled ssh keys for that. I now get notified the the commit was signed, but I did not have to confirm it. If I can figure it out I will post it here.

[jaypikay]

Hi, I am still confused about the whole "SSH Key Signing Request" actions with goldwarden. I am not sure why it is asking me on every git (pull|push|commit). All signing actions are disabled per global ~/.gitconfig and not enabled on a per project bases. What am I missing here?