memoize verified_signature call
This commit is contained in:
parent
5d5fd4babe
commit
502e31bec9
|
@ -19,6 +19,19 @@ module Gitlab
|
|||
cached_signature = GpgSignature.find_by(commit_sha: commit.sha)
|
||||
return cached_signature if cached_signature.present?
|
||||
|
||||
using_keychain do |gpg_key|
|
||||
if gpg_key
|
||||
Gitlab::Gpg::CurrentKeyChain.add(gpg_key.key)
|
||||
@verified_signature = nil
|
||||
end
|
||||
|
||||
create_cached_signature!(gpg_key)
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def using_keychain
|
||||
Gitlab::Gpg.using_tmp_keychain do
|
||||
# first we need to get the keyid from the signature to query the gpg
|
||||
# key belonging to the keyid.
|
||||
|
@ -30,27 +43,23 @@ module Gitlab
|
|||
Gitlab::Gpg::CurrentKeyChain.add(gpg_key.key)
|
||||
end
|
||||
|
||||
create_cached_signature!(gpg_key)
|
||||
yield gpg_key
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def verified_signature
|
||||
GPGME::Crypto.new.verify(@signature_text, signed_text: @signed_text) do |verified_signature|
|
||||
@verified_signature ||= GPGME::Crypto.new.verify(@signature_text, signed_text: @signed_text) do |verified_signature|
|
||||
return verified_signature
|
||||
end
|
||||
end
|
||||
|
||||
def create_cached_signature!(gpg_key)
|
||||
verified_signature_result = verified_signature
|
||||
|
||||
GpgSignature.create!(
|
||||
commit_sha: commit.sha,
|
||||
project: commit.project,
|
||||
gpg_key: gpg_key,
|
||||
gpg_key_primary_keyid: gpg_key&.primary_keyid || verified_signature_result.fingerprint,
|
||||
valid_signature: !!(gpg_key && gpg_key.verified? && verified_signature_result.valid?)
|
||||
gpg_key_primary_keyid: gpg_key&.primary_keyid || verified_signature.fingerprint,
|
||||
valid_signature: !!(gpg_key && gpg_key.verified? && verified_signature.valid?)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -38,11 +38,11 @@ RSpec.describe Gitlab::Gpg::Commit do
|
|||
it 'returns the cached signature on second call' do
|
||||
gpg_commit = described_class.new(commit)
|
||||
|
||||
expect(gpg_commit).to receive(:verified_signature).twice.and_call_original
|
||||
expect(gpg_commit).to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
|
||||
# consecutive call
|
||||
expect(gpg_commit).not_to receive(:verified_signature).and_call_original
|
||||
expect(gpg_commit).not_to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
end
|
||||
end
|
||||
|
@ -73,11 +73,11 @@ RSpec.describe Gitlab::Gpg::Commit do
|
|||
it 'returns the cached signature on second call' do
|
||||
gpg_commit = described_class.new(commit)
|
||||
|
||||
expect(gpg_commit).to receive(:verified_signature).and_call_original
|
||||
expect(gpg_commit).to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
|
||||
# consecutive call
|
||||
expect(gpg_commit).not_to receive(:verified_signature).and_call_original
|
||||
expect(gpg_commit).not_to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
end
|
||||
end
|
||||
|
@ -108,11 +108,11 @@ RSpec.describe Gitlab::Gpg::Commit do
|
|||
it 'returns the cached signature on second call' do
|
||||
gpg_commit = described_class.new(commit)
|
||||
|
||||
expect(gpg_commit).to receive(:verified_signature).and_call_original
|
||||
expect(gpg_commit).to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
|
||||
# consecutive call
|
||||
expect(gpg_commit).not_to receive(:verified_signature).and_call_original
|
||||
expect(gpg_commit).not_to receive(:using_keychain).and_call_original
|
||||
gpg_commit.signature
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue