Extend GetCommitSignatures to return Signer
Related issue: Automated/web commits (merge or web IDE commits... (gitlab#19185 - closed)
This MR depends on this preparational MR: Move SSH signing function to library (!5960 - merged).
This MR extends GetCommitSignatures
RPC to return signer
. The signer
indicates whether a commit has been signed by Gitaly or by a user. It implements the following idea: gitlab!124218 (comment 1440760387)
In this case, we won't need to share public/private key with Gitlab in order to identify the commits that were signed by Gitaly.
After some modifications on the local Gitaly gem, the following response is returned:
[14] pry(main)> a = response.to_a
=> [<Gitaly::GetCommitSignaturesResponse: commit_id: "ad3cac9eb012b67e2821fae8ed6c11d41d87bf98", signature: "-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgCZpNLju9GawrIvIrWOUgUmf+Lz
B0ZDcnj0tjIhgnaG8AAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
AAAAQEsWFOUlXlBJeJa6l7dNvQe42caV3y/OAHPm0nBKQrF5JmfiQyLlewqJH270VBWTzm
xuherf4LRAl+0RL8pu1gA=
-----END SSH SIGNATURE-----", signed_text: "", signer: :SIGNER_USER>,
<Gitaly::GetCommitSignaturesResponse: commit_id: "", signature: "", signed_text: "tree 1c7d7f5a375ef34553a0d746034959bd3d641da6
parent bd7e52b24bd633f59c2f37415ab07f60b77de575
author Igor Drozdov <idrozdov@gitlab.com> 1687293056 +0200
committer Igor Drozdov <idrozdov@gitlab.com> 1687293056 +0200
New commit
", signer: :SIGNER_UNSPECIFIED>,
<Gitaly::GetCommitSignaturesResponse: commit_id: "d5a14f9e27a8146c9f0092af0fb2cdd9b6c5b23d", signature: "-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgVzKQNpRPvHihfJQJ+Com
F8BdFuG2wuXh+LjXjbOs8IgAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3Nz
aC1lZDI1NTE5AAAAQIoPrmWfZuRnqGdOa/kSJU+hEMhoshbOa8YPe/wR0vcLu6ih
ml2bVMUIowkSVyLDU45mYtnli9Xuqa+RE/BAmQ8=
-----END SSH SIGNATURE-----
", signed_text: "", signer: :SIGNER_SYSTEM>,
<Gitaly::GetCommitSignaturesResponse: commit_id: "", signature: "", signed_text: "tree 21f90db9715a5b7e6404554a88b15fa56fc2d876
parent 64779bc0609e42bd450a8072bd1a94776c77974e
author Administrator <admin@example.com> 1687292264 +0000
committer Administrator <admin@example.com> 1687292264 +0000
Update index.js", signer: :SIGNER_UNSPECIFIED>]```
`SIGNER_USER` is returned for a commit that has been signed by a user, `SIGNER_SYSTEM` is returned for a commit signed by Gitaly
Edited by Igor Drozdov