Move REFS_GPG_KEYS to PublicKeyStore

This is in the set of things that we hope to upstream into JGit
eventually, so move it out of this Gerrit-specific class.

Change-Id: Id9c7fb5e3d8b27e4578f66f6f8d1451beceececa

gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/api/accounts/AccountIT.java

@@ -17,6 +17,7 @@ package com.google.gerrit.acceptance.api.accounts;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static com.google.common.truth.Truth.assertThat;
 import static com.google.common.truth.Truth.assert_;
+import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
 import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
 import static java.nio.charset.StandardCharsets.UTF_8;
 
@@ -39,7 +40,6 @@ import com.google.gerrit.gpg.server.GpgKeys;
 import com.google.gerrit.gpg.testutil.TestKey;
 import com.google.gerrit.reviewdb.client.Account;
 import com.google.gerrit.reviewdb.client.AccountExternalId;
-import com.google.gerrit.reviewdb.client.RefNames;
 import com.google.gerrit.server.IdentifiedUser;
 import com.google.gerrit.server.config.AllUsersName;
 import com.google.gerrit.testutil.ConfigSuite;
@@ -99,9 +99,9 @@ public class AccountIT extends AbstractDaemonTest {
   @After
   public void clearPublicKeyStore() throws Exception {
     try (Repository repo = repoManager.openRepository(allUsers)) {
-      Ref ref = repo.getRef(RefNames.REFS_GPG_KEYS);
+      Ref ref = repo.getRef(REFS_GPG_KEYS);
       if (ref != null) {
-        RefUpdate ru = repo.updateRef(RefNames.REFS_GPG_KEYS);
+        RefUpdate ru = repo.updateRef(REFS_GPG_KEYS);
         ru.setForceUpdate(true);
         assertThat(ru.delete()).isEqualTo(RefUpdate.Result.FORCED);
       }
@@ -115,7 +115,7 @@ public class AccountIT extends AbstractDaemonTest {
 
   @After
   public void deleteGpgKeys() throws Exception {
-    String ref = RefNames.REFS_GPG_KEYS;
+    String ref = REFS_GPG_KEYS;
     try (Repository repo = repoManager.openRepository(allUsers)) {
       if (repo.getRefDatabase().exactRef(ref) != null) {
         RefUpdate ru = repo.updateRef(ref);

gerrit-gpg/src/main/java/com/google/gerrit/gpg/PublicKeyStore.java

@@ -17,8 +17,6 @@ package com.google.gerrit.gpg;
 import static com.google.common.base.Preconditions.checkState;
 import static org.eclipse.jgit.lib.Constants.OBJ_BLOB;
 
-import com.google.gerrit.reviewdb.client.RefNames;
-
 import org.bouncycastle.bcpg.ArmoredInputStream;
 import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.bouncycastle.openpgp.PGPException;
@@ -73,6 +71,9 @@ public class PublicKeyStore implements AutoCloseable {
   private static final ObjectId EMPTY_TREE =
       ObjectId.fromString("4b825dc642cb6eb9a060e54bf8d69288fbee4904");
 
+  /** Ref where GPG public keys are stored. */
+  public static final String REFS_GPG_KEYS = "refs/meta/gpg-keys";
+
   private final Repository repo;
   private ObjectReader reader;
   private RevCommit tip;
@@ -104,7 +105,7 @@ public class PublicKeyStore implements AutoCloseable {
     reset();
     reader = repo.newObjectReader();
 
-    Ref ref = repo.getRefDatabase().exactRef(RefNames.REFS_GPG_KEYS);
+    Ref ref = repo.getRefDatabase().exactRef(REFS_GPG_KEYS);
     if (ref == null) {
       return;
     }
@@ -249,7 +250,7 @@ public class PublicKeyStore implements AutoCloseable {
       ins.flush();
     }
 
-    RefUpdate ru = repo.updateRef(RefNames.REFS_GPG_KEYS);
+    RefUpdate ru = repo.updateRef(PublicKeyStore.REFS_GPG_KEYS);
     ru.setExpectedOldObjectId(tip);
     ru.setNewObjectId(newTip);
     ru.setRefLogIdent(cb.getCommitter());

gerrit-gpg/src/test/java/com/google/gerrit/gpg/PublicKeyStoreTest.java

@@ -14,6 +14,7 @@
 
 package com.google.gerrit.gpg;
 
+import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
 import static com.google.gerrit.gpg.PublicKeyStore.keyIdToString;
 import static com.google.gerrit.gpg.PublicKeyStore.keyObjectId;
 import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
@@ -23,7 +24,6 @@ import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 
 import com.google.gerrit.gpg.testutil.TestKey;
-import com.google.gerrit.reviewdb.client.RefNames;
 
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
@@ -84,13 +84,13 @@ public class PublicKeyStoreTest {
   @Test
   public void testGet() throws Exception {
     TestKey key1 = TestKey.key1();
-    tr.branch(RefNames.REFS_GPG_KEYS)
+    tr.branch(REFS_GPG_KEYS)
         .commit()
         .add(keyObjectId(key1.getKeyId()).name(),
           key1.getPublicKeyArmored())
         .create();
     TestKey key2 = TestKey.key2();
-    tr.branch(RefNames.REFS_GPG_KEYS)
+    tr.branch(REFS_GPG_KEYS)
         .commit()
         .add(keyObjectId(key2.getKeyId()).name(),
           key2.getPublicKeyArmored())
@@ -104,7 +104,7 @@ public class PublicKeyStoreTest {
   public void testGetMultiple() throws Exception {
     TestKey key1 = TestKey.key1();
     TestKey key2 = TestKey.key2();
-    tr.branch(RefNames.REFS_GPG_KEYS)
+    tr.branch(REFS_GPG_KEYS)
         .commit()
         .add(keyObjectId(key1.getKeyId()).name(),
             key1.getPublicKeyArmored()
@@ -131,7 +131,7 @@ public class PublicKeyStoreTest {
   public void saveAppendsToExistingList() throws Exception {
     TestKey key1 = TestKey.key1();
     TestKey key2 = TestKey.key2();
-    tr.branch(RefNames.REFS_GPG_KEYS)
+    tr.branch(REFS_GPG_KEYS)
         .commit()
         // Mismatched for this key ID, but we can still read it out.
         .add(keyObjectId(key1.getKeyId()).name(), key2.getPublicKeyArmored())
@@ -146,7 +146,7 @@ public class PublicKeyStoreTest {
         RevWalk rw = new RevWalk(reader)) {
       NoteMap notes = NoteMap.read(
           reader, tr.getRevWalk().parseCommit(
-            tr.getRepository().getRef(RefNames.REFS_GPG_KEYS).getObjectId()));
+            tr.getRepository().getRef(REFS_GPG_KEYS).getObjectId()));
       String contents = new String(
           reader.open(notes.get(keyObjectId(key1.getKeyId()))).getBytes(),
           UTF_8);

gerrit-gpg/src/test/java/com/google/gerrit/gpg/PushCertificateCheckerTest.java

@@ -14,13 +14,13 @@
 
 package com.google.gerrit.gpg;
 
+import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
 import static com.google.gerrit.gpg.PublicKeyStore.keyIdToString;
 import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.junit.Assert.assertEquals;
 
 import com.google.gerrit.gpg.testutil.TestKey;
-import com.google.gerrit.reviewdb.client.RefNames;
 
 import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.bouncycastle.bcpg.BCPGOutputStream;
@@ -56,7 +56,7 @@ public class PushCertificateCheckerTest {
     TestKey key3 = TestKey.key3();
     tr = new TestRepository<>(new InMemoryRepository(
         new DfsRepositoryDescription("repo")));
-    tr.branch(RefNames.REFS_GPG_KEYS).commit()
+    tr.branch(REFS_GPG_KEYS).commit()
         .add(PublicKeyStore.keyObjectId(key1.getPublicKey().getKeyID()).name(),
             key1.getPublicKeyArmored())
         .add(PublicKeyStore.keyObjectId(key3.getPublicKey().getKeyID()).name(),

gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/client/RefNames.java

@@ -57,12 +57,6 @@ public class RefNames {
 
   public static final String EDIT_PREFIX = "edit-";
 
-  /**
-   * Special ref for GPG public keys used by {@link
-   * com.google.gerrit.gpg.SignedPushPreReceiveHook}.
-   */
-  public static final String REFS_GPG_KEYS = "refs/meta/gpg-keys";
-
   public static String fullName(String ref) {
     return ref.startsWith(REFS) ? ref : REFS_HEADS + ref;
   }