Commit c2c35ae7 authored by Rubén Dávila's avatar Rubén Dávila

Consider GPG subkeys when trying to update invalid GPG signatures

parent 59f81399
......@@ -3,13 +3,14 @@ module Gitlab
class InvalidGpgSignatureUpdater
def initialize(gpg_key)
@gpg_key = gpg_key
@gpg_keyids = gpg_key.subkeys.map(&:keyid).push(gpg_key.primary_keyid)
end
def run
GpgSignature
.select(:id, :commit_sha, :project_id)
.where('gpg_key_id IS NULL OR verification_status <> ?', GpgSignature.verification_statuses[:verified])
.where(gpg_key_primary_keyid: @gpg_key.primary_keyid)
.where(gpg_key_primary_keyid: @gpg_keyids)
.find_each { |sig| sig.gpg_commit.update_signature!(sig) }
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment