Add author_email column to ssh_signatures table
What does this MR do and why?
Related to: https://gitlab.com/gitlab-org/gitlab/-/issues/526568
Context
With the check_for_mailmapped_commit_emails feature flag enabled, GitLab verifies commit signatures by comparing the user who owns the SSH key (user_id) with the commit author. This approach works for typical SSH-signed commits, but causes issues with UI-signed commits, where the signer is GitLab itself—not a real user.
Problem
In the case of UI-signed commits, GitLab incorrectly attempts to associate the commit with a user via the user_id. When a mismatch occurs between the key owner and the commit author, GitLab marks the commit as unverified and displays an orange badge—even though the commit is valid.
Proposed Solution
To resolve this, we are introducing a new author_email column to the ssh_signatures table. This allows us to store the actual author of the commit (as returned by Gitaly via getCommitSignatures) and verify the commit using this value instead of relying on user_id.
This approach ensures UI-signed commits are correctly verified and avoids false negatives caused by mismatched users.
Next step
The logic changes that utilize the author_email field for commit verification will be implemented in a separate Merge Request. Use author_email to verify UI-signed commits (!189034 - closed)
After running migrations
[1] pry(main)> Ci::ApplicationRecord.connection.columns(:ssh_signatures).map(&:name).include?("author_email")
=> true
[2] pry(main)> ActiveRecord::Base.connection.columns(:ssh_signatures).map(&:name).include?("author_email")
=> true
[3] pry(main)> CommitSignatures::SshSignature.first
CommitSignatures::SshSignature Load (0.8ms) SELECT "ssh_signatures".* FROM "ssh_signatures" ORDER BY "ssh_signatures"."id" ASC LIMIT 1 /*application:console,db_config_database:gitlabhq_development,db_config_name:main,console_hostname:epark--20240603-GPQ0R,console_username:emmapark,line:(pry):3:in `__pry__'*/
=> #<CommitSignatures::SshSignature:0x000000031fbd81a8
id: 1,
created_at: Sun, 20 Apr 2025 02:38:12.021777000 UTC +00:00,
updated_at: Sun, 20 Apr 2025 02:38:12.021777000 UTC +00:00,
project_id: 63,
key_id: 15,
verification_status: "other_user",
commit_sha: "8397c6916ddfcd73f789e6726fac37ea94b22e4e",
user_id: 1,
key_fingerprint_sha256: "lQmz2gNAp1GH5S0s3EAQ9Pu90QJC2y+1I/C21XtZ29M",
author_email: nil>
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.