flatpak-build-sign - Sign an application or runtime

flatpak build-sign [OPTION...] LOCATION ID [BRANCH]

Signs the commit for a specified application or runtime in a local repository. LOCATION is the location of the repository. ID is the name of the application, or runtime if --runtime is specified. If BRANCH is not specified, it is assumed to be "master".

Applications can also be signed during build-export, but it is sometimes useful to add additional signatures later.

The following options are understood:

-h, --help

Show help options and exit.


Sign the commit with this GPG key. This option can be used multiple times.


GPG Homedir to use when looking for keyrings


Sign a runtime instead of an app.


The architecture to use. See flatpak --supported-arches for architectures supported by the host.

-v, --verbose

Print debug information during command processing.


Print OSTree debug information during command processing.

$ flatpak build-sign --gpg-sign=D8BA6573DDD2418027736F1BC33B315E53C1E9D6 /some/repo org.my.App

ostree(1), flatpak(1), flatpak-build-export(1), flatpak-build(1),