Add support for configuring gitlab-sshd crypto (!2581) · Merge requests · GitLab.org / charts / GitLab Chart

Stan Hu requested to merge sh-add-gitlab-shell-crypto-config into master May 19, 2022

What does this MR do?

This adds gitlab-shell config options for:

ciphers
kexAlgorithms
macs

The default values are explicitly listed so they can be trimmed if necessary.

Requires gitlab-shell v14.4.0 for gitlab-org/gitlab-shell!633 (merged).

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Testing

ssh-audit (https://github.com/jtesta/ssh-audit or brew install ssh-audit on macOS). can be used to verify that the changes have taken effect. Simply trim undesired ciphers and redeploy.

Required

Merge Request Title and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Tests added
Integration tests added to GitLab QA
Equivalent MR/issue for omnibus-gitlab opened

Edited May 19, 2022 by Stan Hu

Add support for configuring gitlab-sshd crypto

What does this MR do?

Related issues

Checklist

Testing

Required

Expected (please provide an explanation if not completing)

Merge request reports