Skip to content
Latchkey

git verify-tag: Usage, Options & Common CI Errors

git verify-tag confirms that a signed annotated tag is authentic and trusted.

Release pipelines that ship from signed tags use verify-tag to ensure the tag was created by an authorized key before building or publishing artifacts.

What it does

git verify-tag checks the GPG or SSH signature embedded in an annotated tag object against your keyring and exits non-zero if it is missing, invalid, or untrusted.

Common usage

Terminal
git verify-tag v1.2.0
git verify-tag -v v1.2.0
git verify-tag --raw v1.2.0
git tag -v v1.2.0

Options

FlagWhat it does
-v / --verboseShow the tag body and signature info
--rawEmit raw GPG status output
<tag>The tag to verify

Common errors in CI

error: <tag>: cannot verify a non-tag object - lightweight tags carry no signature, so only annotated, signed tags (git tag -s) can be verified. "gpg: Can’t check signature: No public key" means the runner lacks the signer’s public key; import it before the gate runs.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →