Skip to content

G
gitlab-ce
Commit c2c35ae7 authored by Rubén Dávila's avatar Rubén Dávila
Browse files
Options

Consider GPG subkeys when trying to update invalid GPG signatures

parent 59f81399
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 1 deletion
lib/gitlab/gpg/invalid_gpg_signature_updater.rb
View file @ c2c35ae7
...@@ -3,13 +3,14 @@ module Gitlab ...@@ -3,13 +3,14 @@ module Gitlab
class InvalidGpgSignatureUpdater class InvalidGpgSignatureUpdater
def initialize(gpg_key) def initialize(gpg_key)
@gpg_key = gpg_key @gpg_key = gpg_key
@gpg_keyids = gpg_key.subkeys.map(&:keyid).push(gpg_key.primary_keyid)
end end
def run def run
GpgSignature GpgSignature
.select(:id, :commit_sha, :project_id) .select(:id, :commit_sha, :project_id)
.where('gpg_key_id IS NULL OR verification_status <> ?', GpgSignature.verification_statuses[:verified]) .where('gpg_key_id IS NULL OR verification_status <> ?', GpgSignature.verification_statuses[:verified])
.where(gpg_key_primary_keyid: @gpg_key.primary_keyid) .where(gpg_key_primary_keyid: @gpg_keyids)
.find_each { |sig| sig.gpg_commit.update_signature!(sig) } .find_each { |sig| sig.gpg_commit.update_signature!(sig) }
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7