6 files changed, 67 insertions, 7 deletions

diff --git a/app/models/gpg_key.rb b/app/models/gpg_key.rb
index ec30658e7ea..a444792581a 100644
--- a/app/models/gpg_key.rb
+++ b/app/models/gpg_key.rb
@@ -28,7 +28,7 @@ class GpgKey < ActiveRecord::Base
     unless: -> { errors.has_key?(:key) }
 
   before_validation :extract_fingerprint, :extract_primary_keyid
-  after_create :update_invalid_gpg_signatures
+  after_create :update_invalid_gpg_signatures_after_create
   after_create :notify_user
 
   def key=(value)
@@ -54,7 +54,7 @@ class GpgKey < ActiveRecord::Base
   end
 
   def update_invalid_gpg_signatures
-    Gitlab::Gpg::InvalidGpgSignatureUpdater.new(self).run
+    InvalidGpgSignatureUpdateWorker.perform_async(self.id)
   end
 
   private
@@ -74,4 +74,8 @@ class GpgKey < ActiveRecord::Base
   def notify_user
     run_after_commit { NotificationService.new.new_gpg_key(self) }
   end
+
+  def update_invalid_gpg_signatures_after_create
+    run_after_commit { update_invalid_gpg_signatures }
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 791d099605d..931b760df34 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,6 +13,7 @@ class User < ActiveRecord::Base
   include IgnorableColumn
   include FeatureGate
   include CreatedAtFilterable
+  include AfterCommitQueue
 
   DEFAULT_NOTIFICATION_LEVEL = :participating
 
@@ -515,7 +516,7 @@ class User < ActiveRecord::Base
   end
 
   def update_invalid_gpg_signatures
-    gpg_keys.each(&:update_invalid_gpg_signatures)
+    run_after_commit { gpg_keys.each(&:update_invalid_gpg_signatures) }
   end
 
   # Returns the groups a user has access to
diff --git a/app/workers/invalid_gpg_signature_update_worker.rb b/app/workers/invalid_gpg_signature_update_worker.rb
new file mode 100644
index 00000000000..277dd604aa8
--- /dev/null
+++ b/app/workers/invalid_gpg_signature_update_worker.rb
@@ -0,0 +1,12 @@
+class InvalidGpgSignatureUpdateWorker
+  include Sidekiq::Worker
+  include DedicatedSidekiqQueue
+
+  def perform(gpg_key_id)
+    if gpg_key = GpgKey.find_by(id: gpg_key_id)
+      Gitlab::Gpg::InvalidGpgSignatureUpdater.new(gpg_key).run
+    else
+      Rails.logger.error("InvalidGpgSignatureUpdateWorker: couldn't find gpg_key with ID=#{gpg_key_id}, skipping job")
+    end
+  end
+end
diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml
index 1d9e69a2408..cf0f5719683 100644
--- a/config/sidekiq_queues.yml
+++ b/config/sidekiq_queues.yml
@@ -29,6 +29,7 @@
   - [email_receiver, 2]
   - [emails_on_push, 2]
   - [mailers, 2]
+  - [invalid_gpg_signature_update, 2]
   - [upload_checksum, 1]
   - [use_key, 1]
   - [repository_fork, 1]
diff --git a/spec/features/commits_spec.rb b/spec/features/commits_spec.rb
index 8f89b465160..7635e87e838 100644
--- a/spec/features/commits_spec.rb
+++ b/spec/features/commits_spec.rb
@@ -223,7 +223,9 @@ describe 'Commits' do
       user = create :user, email: 'unrelated.user@example.org'
       project.team << [user, :master]
 
-      create :gpg_key, key: GpgHelpers::User1.public_key, user: user
+      Sidekiq::Testing.inline! do
+        create :gpg_key, key: GpgHelpers::User1.public_key, user: user
+      end
 
       login_with(user)
 
@@ -235,8 +237,10 @@ describe 'Commits' do
       end
 
       # user changes his email which makes the gpg key verified
-      user.skip_reconfirmation!
-      user.update_attributes!(email: GpgHelpers::User1.emails.first)
+      Sidekiq::Testing.inline! do
+        user.skip_reconfirmation!
+        user.update_attributes!(email: GpgHelpers::User1.emails.first)
+      end
 
       visit namespace_project_commits_path(project.namespace, project, :master)
 
@@ -260,7 +264,9 @@ describe 'Commits' do
       end
 
       # user adds the gpg key which makes the signature valid
-      create :gpg_key, key: GpgHelpers::User1.public_key, user: user
+      Sidekiq::Testing.inline! do
+        create :gpg_key, key: GpgHelpers::User1.public_key, user: user
+      end
 
       visit namespace_project_commits_path(project.namespace, project, :master)
 
diff --git a/spec/workers/invalid_gpg_signature_update_worker_spec.rb b/spec/workers/invalid_gpg_signature_update_worker_spec.rb
new file mode 100644
index 00000000000..8d568076e1a
--- /dev/null
+++ b/spec/workers/invalid_gpg_signature_update_worker_spec.rb
@@ -0,0 +1,36 @@
+require 'spec_helper'
+
+describe InvalidGpgSignatureUpdateWorker do
+  context 'when GpgKey is found' do
+    it 'calls NotificationService.new.run' do
+      gpg_key = create(:gpg_key)
+      invalid_signature_updater = double(:invalid_signature_updater)
+
+      expect(Gitlab::Gpg::InvalidGpgSignatureUpdater).to receive(:new).with(gpg_key).and_return(invalid_signature_updater)
+      expect(invalid_signature_updater).to receive(:run)
+
+      described_class.new.perform(gpg_key.id)
+    end
+  end
+
+  context 'when GpgKey is not found' do
+    let(:nonexisting_gpg_key_id) { -1 }
+
+    it 'logs InvalidGpgSignatureUpdateWorker process skipping' do
+      expect(Rails.logger).to receive(:error)
+        .with("InvalidGpgSignatureUpdateWorker: couldn't find gpg_key with ID=-1, skipping job")
+
+      described_class.new.perform(nonexisting_gpg_key_id)
+    end
+
+    it 'does not raise errors' do
+      expect { described_class.new.perform(nonexisting_gpg_key_id) }.not_to raise_error
+    end
+
+    it 'does not call NotificationService.new.run' do
+      expect(Gitlab::Gpg::InvalidGpgSignatureUpdater).not_to receive(:new)
+
+      described_class.new.perform(nonexisting_gpg_key_id)
+    end
+  end
+end