Commit bb43d153 authored by Balasankar "Balu" C's avatar Balasankar "Balu" C

Add API docs for commit's GPG signature endpoint

parent e9c3c3bf
---
title: Add API endpoint to get a commit's GPG signature
merge_request: 25032
author:
type: added
...@@ -656,6 +656,46 @@ Example response: ...@@ -656,6 +656,46 @@ Example response:
] ]
``` ```
## Get GPG signature of a commit
Get the [GPG signature from a commit](../user/project/repository/gpg_signed_commits/index.md),
if it is signed. For unsigned commits, it results in a 404 response.
```
GET /projects/:id/repository/commits/:sha/signature
```
Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
```bash
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/repository/commits/da738facbc19eb2fc2cef57c49be0e6038570352/signature"
```
Example response if commit is signed:
```json
{
"gpg_key_id": 1,
"gpg_key_primary_keyid": "8254AAB3FBD54AC9",
"gpg_key_user_name": "John Doe",
"gpg_key_user_email": "johndoe@example.com",
"verification_status": "verified",
"gpg_key_subkey_id": null
}
```
Example response if commit is unsigned:
```json
{
"message": "404 GPG Signature Not Found"
}
```
[ce-6096]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6096 "Multi-file commit" [ce-6096]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6096 "Multi-file commit"
[ce-8047]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8047 [ce-8047]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8047
[ce-15026]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15026 [ce-15026]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15026
......
...@@ -266,3 +266,7 @@ To remove a GPG key from your account: ...@@ -266,3 +266,7 @@ To remove a GPG key from your account:
You can configure your project to reject commits that aren't GPG-signed You can configure your project to reject commits that aren't GPG-signed
via [push rules](https://docs.gitlab.com/ee/push_rules/push_rules.html). via [push rules](https://docs.gitlab.com/ee/push_rules/push_rules.html).
## GPG signing API
Learn how to [get the GPG signature from a commit via API](../../../../api/commits.md#get-gpg-signature-of-a-commit).
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment