Add revocation for SSH keys
What does this MR do and why?
Related issue: #382984 (closed)
If an SSH key is compromised, we need to be able to revoke it to mark all the commits signed by the SSH key as unverified.
SQL query
UPDATE "ssh_signatures" SET "verification_status" = 7, "updated_at" = '2023-01-16 14:20:37.982442' WHERE "ssh_signatures"."key_id" = 10797478
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/14544/commands/51043
ModifyTable on public.ssh_signatures (cost=0.29..96.46 rows=70 width=109) (actual time=674.551..674.552 rows=0 loops=1)
Buffers: shared hit=1074 read=208 dirtied=200 written=2
I/O Timings: read=646.266 write=0.000
-> Index Scan using index_ssh_signatures_on_key_id on public.ssh_signatures (cost=0.29..96.46 rows=70 width=109) (actual time=4.194..206.325 rows=70 loops=1)
Index Cond: (ssh_signatures.key_id = 10797478)
Buffers: shared hit=6 read=64
I/O Timings: read=205.576 write=0.000
Time: 675.634 ms
- planning: 1.039 ms
- execution: 674.595 ms
- I/O read: 646.266 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 1074 (~8.40 MiB) from the buffer pool
- reads: 208 (~1.60 MiB) from the OS file cache, including disk I/O
- dirtied: 200 (~1.60 MiB)
- writes: 2 (~16.00 KiB)
Screenshots
Edited by Igor Drozdov