Store push certificate in patch set during ReceiveCommits

Push certificates for new/updated changes contain commands for refs/for/*, even though that ref is not created. This means if we store such certificates in PushCertificateStore, we can't use the history of push certs on that ref to reconstruct anything like a reflog. It would be confusing to see in refs/meta/push-certs a push cert mentioning refs/for/* either on that ref (which doesn't exist) or refs/changes/* (which is a completely unrelated refname). Pushing to refs/for/* and having the data become a patch set is a detail of the Gerrit model, so it makes sense to store the cert in the same place as the patch set SHA-1 itself, namely the PatchSets table. Change-Id: I51924054742fbd31b1abcce1ccdcf9bce76642ac
2015-09-14 12:23:38 -04:00
parent 36b35b9d71
commit a11b59c424
4 changed files with 42 additions and 1 deletions
--- a/gerrit-server/src/main/java/com/google/gerrit/server/git/ReceiveCommits.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/git/ReceiveCommits.java
@@ -2075,6 +2075,10 @@ public class ReceiveCommits {
      newPatchSet.setUploader(currentUser.getAccountId());
      newPatchSet.setRevision(toRevId(newCommit));
      newPatchSet.setGroups(groups);
+      if (rp.getPushCertificate() != null) {
+        newPatchSet.setPushCertificate(
+            rp.getPushCertificate().toTextWithSignature());
+      }
      if (magicBranch != null && magicBranch.draft) {
        newPatchSet.setDraft(true);
      }