Resolve "Allow HTTPS cloning by Runners if it is disabled for users" (!18021) · Merge requests · GitLab.org / GitLab FOSS

Tomasz Maczukin requested to merge 44389-always-allow-http-for-ci-git-operations into master Mar 27, 2018

What does this MR do?

Makes HTTP(s) protocol available for CI clone/fetch, even if it's disabled in general.

Are there points in the code the reviewer needs to double check?

Security. With this change we're changing current implementation of checking if HTTP(s) git operations are enabled. We should ensure, that this change doesn't open any security vulnerabilities.

EE port in gitlab-org/gitlab-ee!5253

Why was this MR needed?

Please look into #44389 (closed) for a reference.

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

Changelog entry added, if necessary
Documentation created/updated
Tests added for this feature/bug
Review
- Has been reviewed by Backend
Conform by the merge request performance guides
Conform by the style guides
Squashed related commits together
End-to-end tests pass (package-and-qa manual pipeline job)

What are the relevant issue numbers?

Closes #44389 (closed)

Edited Apr 05, 2018 by Tomasz Maczukin

Resolve "Allow HTTPS cloning by Runners if it is disabled for users"