git verify trusted tags

I would like to include git tag -v command into the deployment process to catch unsigned tags or tags signed by a non-trusted GPG key.

The command returns with an exit code of 0 if the tag has a valid signature, but does not care wether the signed key is trusted or not.

I don't want to resort to grepping the resulting GPG message manually

Solution

I haven't tried it yet, and the documentation doesn't mention exit codes, but you could try

git-verify-tag plumbing command

Update Having no easy way to test this, I've reviewed the source code:

https://github.com/git/git/blob/81b50f3ce40bfdd66e5d967bf82be001039a9a98/builtin/verify-tag.c

It does appear to consciously return the relevant result codes, so I'd expect this to work

RPC failed; HTTP 400 curl 22 The requested URL returned error: 400 Bad Request
Source Control in VSCode is not refreshed automatically
How can I quit an in-progress git merge operation in VS Code?
git: create tag and push to remote: why tag is behind master on remote?
Git error when trying to push -- pre-receive hook declined
How do I revert my changes to a git submodule?
Visual Studio Code cannot detect installed Git
Force a branch naming convention in Azure DevOps Git
Is it possible to search through Git stash items?
How to rename main branch to master on a Github repository
I can't clone git repository .../info/refs not valid
How do I copy a version of a single file from one Git branch to another?
How to use gitignore command in git
Git pull freeze Mac
How do I remove local (untracked) files from the current Git working tree?
Xcode project shows two git repositories (only one is correct); commits go to both
git fatal error: Unsupported SSL backend 'schannel'
How to delete a git submodule locally?
How to show the first commit by 'git log'?
Git status shows files as changed even though contents are the same
How to commit/push a Git tag with Gradle?
GitLab: How to change merge commit message template?
Visual Studio Code git/source control gutter stopped showing
what are proper steps for adding git tag to a commit in bash?
Quantifying the amount of change in a git diff?
Clear git local cache
ssh: Could not resolve hostname git: Name or service not known fatal: Could not read from remote repository
GitHub folders have a white arrow on them
Intellij no longer showing "Resolve Conflicts" dialog?
Delete git LFS files not in repo