diff options
| author | Balasankar "Balu" C <balasankar@gitlab.com> | 2019-02-11 13:55:37 +0530 |
|---|---|---|
| committer | Balasankar "Balu" C <balasankar@gitlab.com> | 2019-02-14 11:29:43 +0530 |
| commit | bb43d153bcd841335a2f55a66bcbfbb584e4205c (patch) | |
| tree | a75ee239a545968d41ab4e511fe819a9d28ce335 | |
| parent | e9c3c3bf31a3d16d111026abb2c5a9e8eb68afd1 (diff) | |
| download | gitlab-ce-49502-gpg-signature-api-endpoint.tar.gz | |
Add API docs for commit's GPG signature endpoint49502-gpg-signature-api-endpoint
| -rw-r--r-- | changelogs/unreleased/49502-gpg-signature-api-endpoint.yml | 5 | ||||
| -rw-r--r-- | doc/api/commits.md | 40 | ||||
| -rw-r--r-- | doc/user/project/repository/gpg_signed_commits/index.md | 4 |
3 files changed, 49 insertions, 0 deletions
diff --git a/changelogs/unreleased/49502-gpg-signature-api-endpoint.yml b/changelogs/unreleased/49502-gpg-signature-api-endpoint.yml new file mode 100644 index 00000000000..8393cb9d282 --- /dev/null +++ b/changelogs/unreleased/49502-gpg-signature-api-endpoint.yml @@ -0,0 +1,5 @@ +--- +title: Add API endpoint to get a commit's GPG signature +merge_request: 25032 +author: +type: added diff --git a/doc/api/commits.md b/doc/api/commits.md index 14742f034e0..7bfea0498e4 100644 --- a/doc/api/commits.md +++ b/doc/api/commits.md @@ -656,6 +656,46 @@ Example response: ] ``` +## Get GPG signature of a commit + +Get the [GPG signature from a commit](../user/project/repository/gpg_signed_commits/index.md), +if it is signed. For unsigned commits, it results in a 404 response. + +``` +GET /projects/:id/repository/commits/:sha/signature +``` + +Parameters: + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `sha` | string | yes | The commit hash or name of a repository branch or tag | + +```bash +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/repository/commits/da738facbc19eb2fc2cef57c49be0e6038570352/signature" +``` + +Example response if commit is signed: + +```json +{ + "gpg_key_id": 1, + "gpg_key_primary_keyid": "8254AAB3FBD54AC9", + "gpg_key_user_name": "John Doe", + "gpg_key_user_email": "johndoe@example.com", + "verification_status": "verified", + "gpg_key_subkey_id": null +} +``` + +Example response if commit is unsigned: +```json +{ + "message": "404 GPG Signature Not Found" +} +``` + [ce-6096]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6096 "Multi-file commit" [ce-8047]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8047 [ce-15026]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15026 diff --git a/doc/user/project/repository/gpg_signed_commits/index.md b/doc/user/project/repository/gpg_signed_commits/index.md index c7e20f01a75..db19370b97c 100644 --- a/doc/user/project/repository/gpg_signed_commits/index.md +++ b/doc/user/project/repository/gpg_signed_commits/index.md @@ -266,3 +266,7 @@ To remove a GPG key from your account: You can configure your project to reject commits that aren't GPG-signed via [push rules](https://docs.gitlab.com/ee/push_rules/push_rules.html). + +## GPG signing API + +Learn how to [get the GPG signature from a commit via API](../../../../api/commits.md#get-gpg-signature-of-a-commit). |