Skip to content
Snippets Groups Projects
Commit eeb43658 authored by Balasankar 'Balu' C's avatar Balasankar 'Balu' C
Browse files

Merge branch 'sh-support-mutual-tls-http-client' into 'master'

Add support for using HTTP TLS client cert

See merge request gitlab-org/omnibus-gitlab!7349



Merged-by: default avatarBalasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: default avatarClemens Beck <cbeck@gitlab.com>
Approved-by: default avatarAndrew Patterson <apatterson@gitlab.com>
Approved-by: default avatarBalasankar 'Balu' C <balasankar@gitlab.com>
Reviewed-by: default avatarClemens Beck <cbeck@gitlab.com>
Co-authored-by: default avatarStan Hu <stanhu@gmail.com>
parents 27e1bed9 51697fdb
No related branches found
No related tags found
1 merge request!7349Add support for using HTTP TLS client cert
......@@ -192,6 +192,11 @@ external_url 'GENERATED_EXTERNAL_URL'
###! request (default: 10)
# gitlab_rails['webhook_timeout'] = 10
### HTTP client settings
###! This is for setting up the mutual TLS client cert and password for the certificate file.
# gitlab_rails['http_client']['tls_client_cert_file'] = nil
# gitlab_rails['http_client']['tls_client_cert_password'] = nil
### GraphQL Settings
###! Tells the rails application how long it has to complete a GraphQL request.
###! We suggest this value to be higher than the database timeout value
......
......@@ -615,6 +615,8 @@ default['gitlab']['gitlab_rails']['trusted_certs_dir'] = "/etc/gitlab/trusted-ce
default['gitlab']['gitlab_rails']['webhook_timeout'] = nil
default['gitlab']['gitlab_rails']['http_client'] = {}
default['gitlab']['gitlab_rails']['graphql_timeout'] = nil
default['gitlab']['gitlab_rails']['initial_root_password'] = nil
......
......@@ -110,6 +110,9 @@ production: &base
# Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
webhook_timeout: <%= @webhook_timeout %>
## HTTP client settings
http_client: <%= @http_client.to_json %>
### GraphQL Settings
# Tells the rails application how long it has to complete a GraphQL request.
# We suggest this value to be higher than the database timeout value
......
......@@ -84,6 +84,34 @@ RSpec.describe 'gitlab::gitlab-rails' do
end
end
describe 'HTTP client settings' do
context 'with default configuration' do
it 'renders gitlab.yml with empty HTTP client settings' do
expect(gitlab_yml[:production][:gitlab][:http_client]).to eq({})
end
end
context 'with mutual TLS settings configured' do
before do
stub_gitlab_rb(
gitlab_rails: {
http_client: {
tls_client_cert_file: '/path/to/tls_cert_file',
tls_client_cert_password: 'somepassword'
}
}
)
end
it 'renders gitlab.yml with HTTP client settings' do
expect(gitlab_yml[:production][:gitlab][:http_client]).to eq(
tls_client_cert_file: '/path/to/tls_cert_file',
tls_client_cert_password: 'somepassword'
)
end
end
end
describe 'SMIME email settings' do
context 'with default configuration' do
it 'renders gitlab.yml with SMIME email settings disabled' do
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment