View public key that is used for Web commits signing

Overview

Within Automated/web commits (merge or web IDE commits... (#19185 - closed) web commits signing has been introduced. A private key is configured in Gitaly. The private key is then used to sign the commits created in UI.

The users may want to verify the commits signed by GitLab locally. They need the public part of the private key for it.

Currently, we hardcode this value in the docs: Docs: Specify Gitlab public key for commits sig... (!145373 - merged). However, it would be cool to have an endpoint like https://gitlab.com/web-commits.ssh that returns the up-to-date keys (similar to https://gitlab.com/igor.drozdov.keys).

Create a Gitaly RPC to fetch the key: Create RPC to return web-commit signing public ... (gitaly#6220 - closed)
Create an endpoint that calls the Gitaly RPC and displays the public key

Edited Jul 15, 2024 by Joe Woodward