From a41e7e0105e238161ba697ebf26d8554ae59d295 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rub=C3=A9n=20D=C3=A1vila?= <ruben@gitlab.com>
Date: Wed, 27 Sep 2017 16:11:42 -0500
Subject: [PATCH] Add ability to include subkeys when finding by fingerprint

---
 app/models/gpg_key.rb    | 11 +++++++++++
 lib/gitlab/gpg/commit.rb |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/app/models/gpg_key.rb b/app/models/gpg_key.rb
index ed09b44027..6d3537b6fc 100644
--- a/app/models/gpg_key.rb
+++ b/app/models/gpg_key.rb
@@ -40,6 +40,17 @@ class GpgKey < ActiveRecord::Base
   after_commit :update_invalid_gpg_signatures, on: :create
   after_create :generate_subkeys
 
+  def self.find_with_subkeys(fingerprint)
+    keys_table = arel_table
+    subkeys_table = GpgKeySubkey.arel_table
+
+    condition = keys_table[:primary_keyid].eq(fingerprint).or(
+      subkeys_table[:keyid].eq(fingerprint)
+    )
+
+    joins(:subkeys).where(condition).first
+  end
+
   def primary_keyid
     super&.upcase
   end
diff --git a/lib/gitlab/gpg/commit.rb b/lib/gitlab/gpg/commit.rb
index 86bd9f5b12..40274e1391 100644
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@@ -43,7 +43,7 @@ module Gitlab
           # key belonging to the keyid.
           # This way we can add the key to the temporary keychain and extract
           # the proper signature.
-          gpg_key = GpgKey.find_by(primary_keyid: verified_signature.fingerprint)
+          gpg_key = GpgKey.find_with_subkeys(verified_signature.fingerprint)
 
           if gpg_key
             Gitlab::Gpg::CurrentKeyChain.add(gpg_key.key)
-- 
2.30.9