resolve fixme

Author: ChristopherHX

custom/conf/app.example.ini

@@ -1233,6 +1233,7 @@ LEVEL = Info
 ;;
 ;; Determines which additional ssh keys are trusted for all signed commits regardless of the user
 ;; This is useful for ssh signing key rotation.
+;; Exposes the provided SIGNING_NAME and SIGNING_EMAIL as the signer, regardless of the SIGNING_FORMAT value.
 ;; Multiple keys should be comma separated.
 ;; E.g."ssh-<algorithm> <key>". or "ssh-<algorithm> <key1>, ssh-<algorithm> <key2>".
 ;TRUSTED_SSH_KEYS =

services/asymkey/commit.go

@@ -417,8 +417,10 @@ func ParseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committerUs
 
 	// Try the pre-set trusted keys (for key-rotation purpose)
 	for _, k := range setting.Repository.Signing.TrustedSSHKeys {
-		// FIXME: why here uses "commiterUser" as "signerUser" but below don't? why here uses "c.Committer.Email" but below uses "gpgSettings.Email"?
-		signerUser := committerUser
+		signerUser := &user_model.User{
+			Name:  setting.Repository.Signing.SigningName,
+			Email: setting.Repository.Signing.SigningEmail,
+		}
 		commitVerification := verifySSHCommitVerificationByInstanceKey(c, committerUser, signerUser, c.Committer.Email, k)
 		if commitVerification != nil && commitVerification.Verified {
 			return commitVerification

services/asymkey/commit_test.go

@@ -19,6 +19,8 @@ import (
 func TestParseCommitWithSSHSignature(t *testing.T) {
 	// Here we only test the TrustedSSHKeys. The complete signing test is in tests/integration/gpg_ssh_git_test.go
 	t.Run("TrustedSSHKey", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.Repository.Signing.SigningName, "gitea")()
+		defer test.MockVariableValue(&setting.Repository.Signing.SigningEmail, "[email protected]")()
 		defer test.MockVariableValue(&setting.Repository.Signing.TrustedSSHKeys, []string{"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH6Y4idVaW3E+bLw1uqoAfJD7o5Siu+HqS51E9oQLPE9"})()
 
 		commit, err := git.CommitFromReader(nil, git.Sha1ObjectFormat.EmptyObjectID(), strings.NewReader(`tree 9a93ffa76e8b72bdb6431910b3a506fa2b39f42e
@@ -34,11 +36,18 @@ gpgsig -----BEGIN SSH SIGNATURE-----
 Initial commit with signed file
 `))
 		require.NoError(t, err)
-		ret := ParseCommitWithSSHSignature(t.Context(), commit, &user_model.User{Name: "foo", Email: "[email protected]"})
+		committingUser := &user_model.User{
+			ID:    2,
+			Name:  "User Two",
+			Email: "[email protected]",
+		}
+		ret := ParseCommitWithSSHSignature(t.Context(), commit, committingUser)
 		require.NotNil(t, ret)
 		assert.True(t, ret.Verified)
 		assert.False(t, ret.Warning)
-		assert.NotNil(t, ret.CommittingUser) // FIXME: test the CommittingUser and SigningUser correctly
-		assert.NotNil(t, ret.SigningUser)    // FIXME: test the CommittingUser and SigningUser correctly
+		assert.Equal(t, ret.CommittingUser, committingUser)
+		assert.NotNil(t, ret.SigningUser)
+		assert.Equal(t, ret.SigningUser.Name, "gitea")
+		assert.Equal(t, ret.SigningUser.Email, "[email protected]")
 	})
 }