Follow-up from "GraphQL: add commit signature field", document verification statuses
The following discussion from !96305 (merged) should be addressed:
-
@aqualls started a discussion: I'd love it if someone could send a follow-up MR to me. For each of the verification statuses that sound like failures, I'd like to publish some quick troubleshooting notes to explain what the user should do next:
Signature key has not been verified
-
Signature has not been verified
(what's the difference between these first two?) Signature has been verified, but the committer email is not verified to belong to the same user.
Signature is verified but for a different user than the committer.
Associated key is not known to GitLab.
Associated commit was signed with multiple signatures.
It doesn't have to be well-formatted; I can clean it up.
Edited by Brett Walker