Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/gpg/commit.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/gpg/commit.rb')
-rw-r--r--lib/gitlab/gpg/commit.rb10
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/gitlab/gpg/commit.rb b/lib/gitlab/gpg/commit.rb
index a03aeb9c293..1fc95181767 100644
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@@ -87,6 +87,7 @@ module Gitlab
end
def verification_status(gpg_key)
+ return :verified_system if verified_by_gitlab?
return :multiple_signatures if multiple_signatures?
return :unknown_key unless gpg_key
return :unverified_key unless gpg_key.verified?
@@ -101,6 +102,15 @@ module Gitlab
end
end
+ # If a commit is signed by Gitaly, the Gitaly returns `SIGNER_SYSTEM` as a signer
+ # In order to calculate it, the signature is Verified using the Gitaly's public key:
+ # https://gitlab.com/gitlab-org/gitaly/-/blob/v16.2.0-rc2/internal/gitaly/service/commit/commit_signatures.go#L63
+ #
+ # It is safe to skip verification step if the commit has been signed by Gitaly
+ def verified_by_gitlab?
+ signer == :SIGNER_SYSTEM
+ end
+
def user_infos(gpg_key)
gpg_key&.verified_user_infos&.first || gpg_key&.user_infos&.first || {}
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-17 15:39:00 +0300