Sign protected branches (#8993)

* Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
2025-07-08 10:00:03 +02:00 · 2019-12-15 11:06:31 +00:00 · 2019-12-15 11:06:31 +00:00 · 3abe17f9e0
commit 3abe17f9e0
parent e3c3b33ea7
6 changed files with 129 additions and 97 deletions
--- a/models/repo_sign.go
+++ b/models/repo_sign.go
@ -24,6 +24,7 @@ const (
 	baseSigned    signingMode = "basesigned"
 	headSigned    signingMode = "headsigned"
 	commitsSigned signingMode = "commitssigned"
+	approved      signingMode = "approved"
 )

 func signingModeFromStrings(modeStrings []string) []signingMode {
@ -45,6 +46,8 @@ func signingModeFromStrings(modeStrings []string) []signingMode {
 			fallthrough
 		case headSigned:
 			fallthrough
+		case approved:
+			fallthrough
 		case commitsSigned:
 			returnable = append(returnable, signMode)
 		}
@ -211,98 +214,3 @@ func (repo *Repository) SignCRUDAction(u *User, tmpBasePath, parentCommit string
 	}
 	return true, signingKey
 }
-
-// SignMerge determines if we should sign a merge commit to this repository
-func (repo *Repository) SignMerge(u *User, tmpBasePath, baseCommit, headCommit string) (bool, string) {
-	rules := signingModeFromStrings(setting.Repository.Signing.Merges)
-	signingKey := signingKey(repo.RepoPath())
-	if signingKey == "" {
-		return false, ""
-	}
-	var gitRepo *git.Repository
-	var err error
-
-	for _, rule := range rules {
-		switch rule {
-		case never:
-			return false, ""
-		case always:
-			break
-		case pubkey:
-			keys, err := ListGPGKeys(u.ID)
-			if err != nil || len(keys) == 0 {
-				return false, ""
-			}
-		case twofa:
-			twofa, err := GetTwoFactorByUID(u.ID)
-			if err != nil || twofa == nil {
-				return false, ""
-			}
-		case baseSigned:
-			if gitRepo == nil {
-				gitRepo, err = git.OpenRepository(tmpBasePath)
-				if err != nil {
-					return false, ""
-				}
-				defer gitRepo.Close()
-			}
-			commit, err := gitRepo.GetCommit(baseCommit)
-			if err != nil {
-				return false, ""
-			}
-			verification := ParseCommitWithSignature(commit)
-			if !verification.Verified {
-				return false, ""
-			}
-		case headSigned:
-			if gitRepo == nil {
-				gitRepo, err = git.OpenRepository(tmpBasePath)
-				if err != nil {
-					return false, ""
-				}
-				defer gitRepo.Close()
-			}
-			commit, err := gitRepo.GetCommit(headCommit)
-			if err != nil {
-				return false, ""
-			}
-			verification := ParseCommitWithSignature(commit)
-			if !verification.Verified {
-				return false, ""
-			}
-		case commitsSigned:
-			if gitRepo == nil {
-				gitRepo, err = git.OpenRepository(tmpBasePath)
-				if err != nil {
-					return false, ""
-				}
-				defer gitRepo.Close()
-			}
-			commit, err := gitRepo.GetCommit(headCommit)
-			if err != nil {
-				return false, ""
-			}
-			verification := ParseCommitWithSignature(commit)
-			if !verification.Verified {
-				return false, ""
-			}
-			// need to work out merge-base
-			mergeBaseCommit, _, err := gitRepo.GetMergeBase("", baseCommit, headCommit)
-			if err != nil {
-				return false, ""
-			}
-			commitList, err := commit.CommitsBeforeUntil(mergeBaseCommit)
-			if err != nil {
-				return false, ""
-			}
-			for e := commitList.Front(); e != nil; e = e.Next() {
-				commit = e.Value.(*git.Commit)
-				verification := ParseCommitWithSignature(commit)
-				if !verification.Verified {
-					return false, ""
-				}
-			}
-		}
-	}
-	return true, signingKey
-}