bail if the commit has no signature
This commit is contained in:
parent
69e511c4c2
commit
8c4b6a32fc
|
@ -242,11 +242,7 @@ class Commit
|
|||
cached_signature = GpgSignature.find_by(commit_sha: sha)
|
||||
return cached_signature if cached_signature.present?
|
||||
|
||||
gpg_commit = Gitlab::Gpg::Commit.new(self)
|
||||
|
||||
return unless gpg_commit.has_signature?
|
||||
|
||||
@signature = gpg_commit.signature
|
||||
@signature = Gitlab::Gpg::Commit.new(self).signature
|
||||
end
|
||||
|
||||
def revert_branch_name
|
||||
|
|
|
@ -10,10 +10,12 @@ module Gitlab
|
|||
end
|
||||
|
||||
def has_signature?
|
||||
@signature_text && @signed_text
|
||||
!!(@signature_text && @signed_text)
|
||||
end
|
||||
|
||||
def signature
|
||||
return unless has_signature?
|
||||
|
||||
Gitlab::Gpg.using_tmp_keychain do
|
||||
# first we need to get the keyid from the signature to query the gpg
|
||||
# key belonging to the keyid.
|
||||
|
@ -43,7 +45,7 @@ module Gitlab
|
|||
project: commit.project,
|
||||
gpg_key: gpg_key,
|
||||
gpg_key_primary_keyid: gpg_key&.primary_keyid,
|
||||
valid_signature: !!(gpg_key && verified_signature&.valid?)
|
||||
valid_signature: !!(gpg_key && verified_signature.valid?)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,6 +4,12 @@ RSpec.describe Gitlab::Gpg::Commit do
|
|||
describe '#signature' do
|
||||
let!(:project) { create :project, :repository, path: 'sample-project' }
|
||||
|
||||
context 'unisgned commit' do
|
||||
it 'returns nil' do
|
||||
expect(described_class.new(project.commit).signature).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context 'known public key' do
|
||||
it 'returns a valid signature' do
|
||||
gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key
|
||||
|
|
Loading…
Reference in New Issue