GPG

brew install gnupg

gpg --import private.key

gpg --list-keys

# Output
/Users/muxinqi/.gnupg/pubring.kbx
---------------------------------
pub   rsa4096 2020-12-25 [SC] [expires: 2024-12-25]
      ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMN
uid           [ unknown] muxinqi <hi@muxinqi.com>
uid           [ unknown] muxinqi <hi@mxq.im>
sub   rsa4096 2020-12-25 [E] [expires: 2024-12-25]
sub   rsa4096 2021-03-20 [S] [expires: 2024-12-25]

gpg --edit-key ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMN

> trust
> 5 # Ultimate
> y # Confirm
> q # Quit

gpgconf --kill gpg-agent

gpg --list-keys

/Users/muxinqi/.gnupg/pubring.kbx
---------------------------------
pub   rsa4096 2020-12-25 [SC] [expires: 2024-12-25]
      ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMN
uid           [ultimate] muxinqi <hi@muxinqi.com>
uid           [ultimate] muxinqi <hi@mxq.im>
sub   rsa4096 2020-12-25 [E] [expires: 2024-12-25]
sub   rsa4096 2021-03-20 [S] [expires: 2024-12-25]

git config --global user.signingkey ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMN
git config --global gpg.program $(which gpg)

export GPG_TTY=$(tty)

git commit -S -m "signed commit"

git config --global commit.gpgsign true

brew install pinentry-mac
echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf

gpgconf --kill gpg-agent