Skip to content

Allow paths inside $CI_BUILDS_DIR for custom CA certificates

Alishan Ladhani requested to merge ali/allow-ca-certs-from-builds-dir into master

What does this MR do and why?

When --additional-ca-cert-bundle is passed, first check for a file relative to the working directory (existing behaviour). If no file is found, treat the path as absolute and check that it is within $CI_BUILDS_DIR (this makes file variables work).

Test pipeline where a file variable is passed to --additional-ca-cert-bundle: https://gitlab.com/ali-gitlab/golang-app/-/jobs/3397820692

Related to #104 (closed)

Checklist

  • I added tests
  • Green pipeline
  • Assign to reviewer
Edited by Alishan Ladhani

Merge request reports