The source project of this merge request has been removed.
fix: glab auth login to work with mTLS by using api.NewClientWithCfg instead of native HTTPClient
-
Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you receive complimentary access to GitLab Duo.
Description
- fix: glab auth login to work with mTLS by using api.NewClientWithCfg instead of native HTTPClient
When trying to use the oauth2 login lib against a gitlab server with mTLS in place, it won't work, despite a configured client cert in the ~/.config/glab-cli/config.yml e.g.:
hosts:
git.your-domain.com:
api_protocol: https
api_host: git.your-domain.com
token: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
client_cert: /path/to/client.crt
client_key: /path/to/client.key
ca_cert: /path/to/ca-chain.pemError message:
goroutine 130 [running]:
net/http.(*conn).serve.func1()
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:1947 +0xbe
panic({0xada620?, 0x14cb140?})
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/runtime/panic.go:792 +0x132
gitlab.com/gitlab-org/cli/pkg/oauth2.requestToken({0xc98536, 0x1f}, {0xc443a3?, 0x0?}, {0xcd05a2, 0x40}, {0xc0004c6018, 0x40}, {0xc000806210, 0x2b})
/home/dev/go/pkg/mod/gitlab.com/gitlab-org/cli@v1.60.2/pkg/oauth2/oauth2.go:127 +0x436
gitlab.com/gitlab-org/cli/pkg/oauth2.handleAuthRedirect.func1({0xf9fad0, 0xc0005fe0e0}, 0xc00080e500)
/home/dev/go/pkg/mod/gitlab.com/gitlab-org/cli@v1.60.2/pkg/oauth2/oauth2.go:91 +0x20f
net/http.HandlerFunc.ServeHTTP(0x15014c0?, {0xf9fad0?, 0xc0005fe0e0?}, 0x6d2c36?)
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:2294 +0x29
net/http.(*ServeMux).ServeHTTP(0x46ee39?, {0xf9fad0, 0xc0005fe0e0}, 0xc00080e500)
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:2822 +0x1c4
net/http.serverHandler.ServeHTTP({0xc000b86a20?}, {0xf9fad0?, 0xc0005fe0e0?}, 0x6?)
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:3301 +0x8e
net/http.(*conn).serve(0xc0000f8bd0, {0xfa07f8, 0xc0008008d0})
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:2102 +0x625
created by net/http.(*Server).Serve in goroutine 57
/home/dev/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.4.linux-amd64/src/net/http/server.go:3454 +0x485Related Issues
Resolves #1426 (closed)
How has this been tested?
- running the tests
- tested against self-hosted gitlab with mTLS in place
Screenshots (if appropriate):
Types of changes
-
Bug fix (non-breaking change which fixes an issue) -
New feature (non-breaking change which adds functionality) -
Breaking change (fix or feature that would cause existing functionality to change) -
Documentation -
Chore (Related to CI or Packaging to platforms) -
Test gap
Edited by André Düwel