Consider GPG subkeys when trying to update invalid GPG signatures

lib/gitlab/gpg/invalid_gpg_signature_updater.rb

@@ -3,13 +3,14 @@ module Gitlab
     class InvalidGpgSignatureUpdater
       def initialize(gpg_key)
         @gpg_key = gpg_key
+        @gpg_keyids = gpg_key.subkeys.map(&:keyid).push(gpg_key.primary_keyid)
       end
 
       def run
         GpgSignature
           .select(:id, :commit_sha, :project_id)
           .where('gpg_key_id IS NULL OR verification_status <> ?', GpgSignature.verification_statuses[:verified])
-          .where(gpg_key_primary_keyid: @gpg_key.primary_keyid)
+          .where(gpg_key_primary_keyid: @gpg_keyids)
           .find_each { |sig| sig.gpg_commit.update_signature!(sig) }
       end
     end