I'm trying to sign Git commits inside a VS Code dev container using my host macOS GPG key, but I'm running into issues caused by gnupg's "restricted mode."
Because the GPG agent socket is managed by launchd, I can't bind-mount or forward it into the container. The following command fails:
> gpg-connect-agent reloadagent /bye
gpg-connect-agent: connection to the agent is in restricted mode
ERR 67109115 Forbidden <GPG Agent>
This prevents using GPG for commit signing inside containers, even though the key is available and works from the host CLI. I’m aware that restricted mode intentionally blocks agent-level control and socket forwarding for security reasons, but I’d love to hear:
Has anyone successfully proxied signing requests to the macOS GPG agent from within a container?
Are there any plans to improve GPG container support on macOS?
Is agent-extra-socket forwarding viable in this scenario, or blocked the same way?
My ideal solution: use my host GPG key (without exporting it) to sign commits inside the container, while still leveraging pinentry-mac on the host.
Appreciate any insights, workarounds, or validation that this is just flat-out impossible!
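An added example, not code from the original post: a small POSIX shell helper that decodes the `ERR 67109115 Forbidden <GPG Agent>` line shown above and probes a socket that has been forwarded into a container. libgpg-error packs an error number as `(source << 24) | code`; 67109115 is source 4 (gpg-agent) with code 251 (GPG_ERR_FORBIDDEN), which is exactly what a restricted connection returns for RELOADAGENT or KILLAGENT. Restricted mode does not refuse PKSIGN, so the same forwarded extra socket can still sign commits. The decoding functions run offline; the `probe` branch assumes `gpg-connect-agent` and `gpg` are on PATH inside the container and that the host's `gpgconf --list-dirs agent-extra-socket` path has been bind-mounted at whatever `gpgconf --list-dirs agent-socket` reports inside the container (these mount details are assumptions, not something the post confirms works on macOS).

```shell
#!/bin/sh
# Added example (not from the original post): decode gpg-agent ERR lines and
# probe a forwarded agent socket from inside a container.

# libgpg-error layout: low 16 bits = error code, bits 24-30 = source component
# (4 = GPG_ERR_SOURCE_GPGAGENT).
gpg_err_code()   { printf '%d\n' $(( $1 & 65535 )); }
gpg_err_source() { printf '%d\n' $(( ($1 >> 24) & 127 )); }

# Decode an Assuan "ERR <num> <text>" line into "source=<s> code=<c>".
# Any other line (OK, S ..., D ...) prints nothing and returns 1.
gpg_err_decode() {
    case "$1" in
        ERR\ *) ;;
        *) return 1 ;;
    esac
    set -- $1   # word-split "ERR 67109115 Forbidden <GPG Agent>"; $2 is the number
    printf 'source=%s code=%s\n' "$(gpg_err_source "$2")" "$(gpg_err_code "$2")"
}

# 67109115 = (4 << 24) | 251 = gpg-agent + GPG_ERR_FORBIDDEN: the expected
# refusal of RELOADAGENT/KILLAGENT on a restricted (extra-socket) connection.
# PKSIGN is not refused there, so commit signing still works over that socket.
gpg_err_is_restricted_refusal() {
    [ "$(gpg_err_decode "$1" 2>/dev/null)" = "source=4 code=251" ]
}

# GETINFO restricted answers OK when the agent treats this connection as
# restricted, i.e. you really reached the extra socket rather than the main one.
probe_agent_socket() {
    gpg-connect-agent -S "$1" 'GETINFO restricted' /bye 2>/dev/null | head -n 1
}

# Sign a constructed message with the normal gpg CLI; succeeds only if gpg finds
# the forwarded socket at its own agent-socket path and the key is usable.
sign_test_message() {
    printf 'constructed test message\n' | gpg --batch --detach-sign --armor
}

case "${1-}" in
    probe)
        # Assumption: the host extra socket is mounted where gpg in the
        # container expects its agent socket. Check the path before mounting.
        sock=$(gpgconf --list-dirs agent-socket)
        echo "agent socket in container: $sock"
        echo "GETINFO restricted -> $(probe_agent_socket "$sock")"
        reply=$(gpg-connect-agent 'RELOADAGENT' /bye 2>/dev/null | head -n 1)
        echo "RELOADAGENT -> $reply"
        if gpg_err_is_restricted_refusal "$reply"; then
            echo "restricted-mode refusal as expected; signing should still work"
        fi
        sign_test_message >/dev/null && echo "detached signature: OK"
        ;;
esac
```

Run `sh probe.sh probe` inside the container after mounting the socket. A `Forbidden` answer to RELOADAGENT alongside a successful detached signature is the healthy state: the agent is reachable in restricted mode, control commands are blocked by design, and the pinentry prompt still appears on the host.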