Address some feedback from last code review

2017-10-04 10:34:50 -05:00 · 2017-10-04 10:34:50 -05:00 · 2577cc9981
parent 8be06f20fc
commit 2577cc9981
6 changed files with 15 additions and 6 deletions
--- a/app/models/gpg_signature.rb
+++ b/app/models/gpg_signature.rb
@ -23,8 +23,13 @@ class GpgSignature < ActiveRecord::Base

  def gpg_key=(model)
    case model
-    when GpgKey       then super
-    when GpgKeySubkey then self.gpg_key_subkey = model
+    when GpgKey
+      super
+    when GpgKeySubkey
+      self.gpg_key_subkey = model
+    when NilClass
+      super
+      self.gpg_key_subkey = nil
    end
  end

--- a/changelogs/unreleased/36829-add-ability-to-verify-gpg-subkeys.yml
+++ b/changelogs/unreleased/36829-add-ability-to-verify-gpg-subkeys.yml
--- a/db/migrate/20170927161718_create_gpg_key_subkeys.rb
+++ b/db/migrate/20170927161718_create_gpg_key_subkeys.rb
@ -3,11 +3,11 @@ class CreateGpgKeySubkeys < ActiveRecord::Migration

  def up
    create_table :gpg_key_subkeys do |t|
+      t.references :gpg_key, null: false, index: true, foreign_key: { on_delete: :cascade }
+
      t.binary :keyid
      t.binary :fingerprint

-      t.references :gpg_key, null: false, index: true, foreign_key: { on_delete: :cascade }
-
      t.index :keyid, unique: true, length: Gitlab::Database.mysql? ? 20 : nil
      t.index :fingerprint, unique: true, length: Gitlab::Database.mysql? ? 20 : nil
    end
--- a/db/post_migrate/20171002161539_create_gpg_key_subkeys_for_existing_gpg_keys.rb
+++ b/db/post_migrate/20171002161539_create_gpg_key_subkeys_for_existing_gpg_keys.rb
@ -28,8 +28,10 @@ class CreateGpgKeySubkeysForExistingGpgKeys < ActiveRecord::Migration
  end

  def up
-    GpgKey.each_batch do |batch|
+    GpgKey.with_subkeys.each_batch do |batch|
      batch.each do |gpg_key|
+        return if gpg_key.subkeys.any?
+
        create_subkeys(gpg_key) && update_signatures(gpg_key)
      end
    end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -580,9 +580,9 @@ ActiveRecord::Schema.define(version: 20171004121444) do
  add_index "forked_project_links", ["forked_to_project_id"], name: "index_forked_project_links_on_forked_to_project_id", unique: true, using: :btree

  create_table "gpg_key_subkeys", force: :cascade do |t|
+    t.integer "gpg_key_id", null: false
    t.binary "keyid"
    t.binary "fingerprint"
-    t.integer "gpg_key_id", null: false
  end

  add_index "gpg_key_subkeys", ["fingerprint"], name: "index_gpg_key_subkeys_on_fingerprint", unique: true, using: :btree
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@ -43,6 +43,8 @@ module Gitlab
          # key belonging to the keyid.
          # This way we can add the key to the temporary keychain and extract
          # the proper signature.
+          # NOTE: the invoked method is #fingerprint but it's only returning
+          # 16 characters (the format used by keyid) instead of 40.
          gpg_key = find_gpg_key(verified_signature.fingerprint)

          if gpg_key