bail if the commit has no signature

app/models/commit.rb

@@ -242,11 +242,7 @@ class Commit
     cached_signature = GpgSignature.find_by(commit_sha: sha)
     return cached_signature if cached_signature.present?
-    gpg_commit = Gitlab::Gpg::Commit.new(self)
-
-    return unless gpg_commit.has_signature?
-
-    @signature = gpg_commit.signature
+    @signature = Gitlab::Gpg::Commit.new(self).signature
   end
   def revert_branch_name

lib/gitlab/gpg/commit.rb

@@ -10,10 +10,12 @@ module Gitlab
       end
       def has_signature?
-        @signature_text && @signed_text
+        !!(@signature_text && @signed_text)
       end
       def signature
+        return unless has_signature?
+
         Gitlab::Gpg.using_tmp_keychain do
           # first we need to get the keyid from the signature to query the gpg
           # key belonging to the keyid.
@@ -43,7 +45,7 @@ module Gitlab
           project: commit.project,
           gpg_key: gpg_key,
           gpg_key_primary_keyid: gpg_key&.primary_keyid,
-          valid_signature: !!(gpg_key && verified_signature&.valid?)
+          valid_signature: !!(gpg_key && verified_signature.valid?)
         )
       end
     end

spec/lib/gitlab/gpg/commit_spec.rb

@@ -4,6 +4,12 @@ RSpec.describe Gitlab::Gpg::Commit do
   describe '#signature' do
     let!(:project) { create :project, :repository, path: 'sample-project' }
+    context 'unisgned commit' do
+      it 'returns nil' do
+        expect(described_class.new(project.commit).signature).to be_nil
+      end
+    end
+
     context 'known public key' do
       it 'returns a valid signature' do
         gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key