Update Git TLS settings to be configured for repo URL, not GitLab URL (!2111) · Merge requests · GitLab.org / gitlab-runner

Arran Walker requested to merge 3551-ci-url-used-instead-of-clone-url-when-setting-git-tls-configuration into master May 18, 2020

What does this MR do?

Updates Git's config to associate the repository address with TLS certificates, rather than the GitLab URL.

Why was this MR needed?

When fetching sources, we configure Git so that it knows what TLS certificates to use for the repository.

In most scenarios, the repository URL's hostname and the GitLab installation URL's hostname are the same. However, there can be a number of reasons why they can be different. We should only ever be using the repository's URL hostname.

Are there points in the code the reviewer needs to double check?

We only really need the scheme and hostname to be associated. I'm using GetRemoteURL() as it's probably a future-proof way of getting the RepoURL. I'm dropping the user/password from the URL, mostly because it shouldn't be needed, but I also fear that not doing so would add hundreds of URLS to the globally configured config over time.

Does this MR meet the acceptance criteria?

Documentation created/updated
Added tests for this feature/bug
In case of conflicts with master - branch was rebased

What are the relevant issue numbers?

Closes #3551 (closed)

Edited May 18, 2020 by Arran Walker

Update Git TLS settings to be configured for repo URL, not GitLab URL

What does this MR do?

Why was this MR needed?

Are there points in the code the reviewer needs to double check?

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Merge request reports