View public key that is used for Web commits signing
Overview
Within Automated/web commits (merge or web IDE commits... (#19185 - closed) web commits signing has been introduced. A private key is configured in Gitaly. The private key is then used to sign the commits created in UI.
Problem
The users may want to verify the commits signed by GitLab locally. They need the public part of the private key for it.
Currently, we hardcode this value in the docs: Docs: Specify Gitlab public key for commits sig... (!145373 - merged). However, it would be cool to have an endpoint like https://gitlab.com/web-commits.ssh
that returns the up-to-date keys (similar to https://gitlab.com/igor.drozdov.keys).
Proposal
- Create a Gitaly RPC to fetch the key: Create RPC to return web-commit signing public ... (gitaly#6220 - closed)
- Create an endpoint that calls the Gitaly RPC and displays the public key
Edited by Joe Woodward