feat: add ssh_signing_key input for SSH commit signing (#784)

* feat: add ssh_signing_key input for SSH commit signing Add a new ssh_signing_key input that allows passing an SSH signing key for commit signing, as an alternative to the existing use_commit_signing (which uses GitHub API-based commits). When ssh_signing_key is provided: - Git is configured to use SSH signing (gpg.format=ssh, commit.gpgsign=true) - The key is written to ~/.ssh/claude_signing_key with 0600 permissions - Git CLI commands are used (not MCP file ops) - The key is cleaned up in a post step for security Behavior matrix: | ssh_signing_key | use_commit_signing | Result | |-----------------|-------------------|--------| | not set | false | Regular git, no signing | | not set | true | GitHub API (MCP), verified commits | | set | false | Git CLI with SSH signing | | set | true | Git CLI with SSH signing (ssh_signing_key takes precedence) * docs: add SSH signing key documentation - Update security.md with detailed setup instructions for both signing options - Explain that ssh_signing_key enables full git CLI operations (rebasing, etc.) - Add ssh_signing_key to inputs table in usage.md - Update bot_id/bot_name descriptions to note they're needed for verified commits * fix: address security review feedback for SSH signing - Write SSH key atomically with mode 0o600 (fixes TOCTOU race condition) - Create .ssh directory with mode 0o700 (SSH best practices) - Add input validation for SSH key format - Remove unused chmod import - Add tests for validation logic
2026-01-22 14:24:13 +08:00 · 2026-01-02 10:37:25 -08:00
parent 154d0de144
commit 7e4bf87b1c
14 changed files with 458 additions and 12 deletions
--- a/docs/security.md
+++ b/docs/security.md
@@ -38,7 +38,64 @@ The following permissions are requested but not yet actively used. These will en

 ## Commit Signing

-Commits made by Claude through this action are no longer automatically signed with commit signatures. To enable commit signing set `use_commit_signing: True` in the workflow(s). This ensures the authenticity and integrity of commits, providing a verifiable trail of changes made by the action.
+By default, commits made by Claude are unsigned. You can enable commit signing using one of two methods:
+
+### Option 1: GitHub API Commit Signing (use_commit_signing)
+
+This uses GitHub's API to create commits, which automatically signs them as verified from the GitHub App:
+
+```yaml
+- uses: anthropics/claude-code-action@main
+  with:
+    use_commit_signing: true
+```
+
+This is the simplest option and requires no additional setup. However, because it uses the GitHub API instead of git CLI, it cannot perform complex git operations like rebasing, cherry-picking, or interactive history manipulation.
+
+### Option 2: SSH Signing Key (ssh_signing_key)
+
+This uses an SSH key to sign commits via git CLI. Use this option when you need both signed commits AND standard git operations (rebasing, cherry-picking, etc.):
+
+```yaml
+- uses: anthropics/claude-code-action@main
+  with:
+    ssh_signing_key: ${{ secrets.SSH_SIGNING_KEY }}
+    bot_id: "YOUR_GITHUB_USER_ID"
+    bot_name: "YOUR_GITHUB_USERNAME"
+```
+
+Commits will show as verified and attributed to the GitHub account that owns the signing key.
+
+**Setup steps:**
+
+1. Generate an SSH key pair for signing:
+
+   ```bash
+   ssh-keygen -t ed25519 -f ~/.ssh/signing_key -N "" -C "commit signing key"
+   ```
+
+2. Add the **public key** to your GitHub account:
+
+   - Go to GitHub → Settings → SSH and GPG keys
+   - Click "New SSH key"
+   - Select **Key type: Signing Key** (important)
+   - Paste the contents of `~/.ssh/signing_key.pub`
+
+3. Add the **private key** to your repository secrets:
+
+   - Go to your repo → Settings → Secrets and variables → Actions
+   - Create a new secret named `SSH_SIGNING_KEY`
+   - Paste the contents of `~/.ssh/signing_key`
+
+4. Get your GitHub user ID:
+
+   ```bash
+   gh api users/YOUR_USERNAME --jq '.id'
+   ```
+
+5. Update your workflow with `bot_id` and `bot_name` matching the account where you added the signing key.
+
+**Note:** If both `ssh_signing_key` and `use_commit_signing` are provided, `ssh_signing_key` takes precedence.

 ## ⚠️ Authentication Protection

--- a/docs/usage.md
+++ b/docs/usage.md
@@ -71,9 +71,10 @@ jobs:
 | `branch_prefix`                  | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                                                                                           | No       | `claude/`     |
 | `settings`                       | Claude Code settings as JSON string or path to settings JSON file                                                                                                                      | No       | ""            |
 | `additional_permissions`         | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                                                                      | No       | ""            |
-| `use_commit_signing`             | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                                                                      | No       | `false`       |
-| `bot_id`                         | GitHub user ID to use for git operations (defaults to Claude's bot ID)                                                                                                                 | No       | `41898282`    |
-| `bot_name`                       | GitHub username to use for git operations (defaults to Claude's bot name)                                                                                                              | No       | `claude[bot]` |
+| `use_commit_signing`             | Enable commit signing using GitHub's API. Simple but cannot perform complex git operations like rebasing. See [Security](./security.md#commit-signing)                                 | No       | `false`       |
+| `ssh_signing_key`                | SSH private key for signing commits. Enables signed commits with full git CLI support (rebasing, etc.). See [Security](./security.md#commit-signing)                                   | No       | ""            |
+| `bot_id`                         | GitHub user ID to use for git operations (defaults to Claude's bot ID). Required with `ssh_signing_key` for verified commits                                                           | No       | `41898282`    |
+| `bot_name`                       | GitHub username to use for git operations (defaults to Claude's bot name). Required with `ssh_signing_key` for verified commits                                                        | No       | `claude[bot]` |
 | `allowed_bots`                   | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                                                                        | No       | ""            |
 | `allowed_non_write_users`        | **⚠️ RISKY**: Comma-separated list of usernames to allow without write permissions, or '\*' for all users. Only works with `github_token` input. See [Security](./security.md)         | No       | ""            |
 | `path_to_claude_code_executable` | Optional path to a custom Claude Code executable. Skips automatic installation. Useful for Nix, custom containers, or specialized environments                                         | No       | ""            |