Unverified Commit f157dc9f authored by Alessio Caiazza's avatar Alessio Caiazza

Merge branch '10-2-stable-patch-1' into 10-2-stable

parents 0a75cdd1 395b1ee9
v 10.2.1 (2018-01-22)
- Do not use `git config --local` as it's not available in git v1.7.1 !790
- Always load OS certificate pool when evaluating TLS connections !804
v 10.2.0 (2017-11-22)
- Update supported platforms !712
- Fix typo in Kubernetes runner docs !714
......
......@@ -107,7 +107,13 @@ func (n *client) addTLSCA(tlsConfig *tls.Config) {
data, err := ioutil.ReadFile(file)
if err == nil {
pool := x509.NewCertPool()
pool, err := x509.SystemCertPool()
if err != nil {
logrus.Warningln("Failed to load system CertPool:", err)
}
if pool == nil {
pool = x509.NewCertPool()
}
if pool.AppendCertsFromPEM(data) {
tlsConfig.RootCAs = pool
n.caData = data
......
......@@ -95,7 +95,7 @@ func (b *AbstractShell) writeFetchCmd(w ShellWriter, build *common.Build, projec
w.Command("git", "config", "fetch.recurseSubmodules", "false")
if build.IsSharedEnv() {
b.writeGitSSLConfig(w, build, []string{"--local"})
b.writeGitSSLConfig(w, build, nil)
}
// Remove .git/{index,shallow,HEAD}.lock files from .git, which can fail the fetch command
......
......@@ -36,7 +36,7 @@ func TestWriteGitSSLConfig(t *testing.T) {
mockWriter.On("Command", "git", "config", fmt.Sprintf("http.%s.%s", gitlabURL, "sslCert"), tls.VariableCertFile).Once()
mockWriter.On("Command", "git", "config", fmt.Sprintf("http.%s.%s", gitlabURL, "sslKey"), tls.VariableKeyFile).Once()
shell.writeGitSSLConfig(mockWriter, build, make([]string, 0))
shell.writeGitSSLConfig(mockWriter, build, nil)
mockWriter.AssertExpectations(t)
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment