Skip to content

all: introduce experimental tls.external site setting

Warren Gifford requested to merge core/gitlab-ssl-gitserver into master

Created by: keegancsmith

We introduce the site setting tls.external which administrators can configure for all external communication. This setting is taken into account by all external service communication as well as remote git commands. Initially we just target InsecureSkipVerify, but a follow up PR will implement RootCAs.

This approach can supersede all external service configurations where we specify transport options. For example most of our external services have options for setting TLS certificates/etc.

Best reviewed commit by commit.

Meta: This approach could be extended for supporting http proxies. Should we rename the site setting to https.external maybe?

Follow-up PRs:

  • Support TLS certifications
  • Updating documentation

Part of https://github.com/sourcegraph/sourcegraph/issues/71 and https://github.com/sourcegraph/sourcegraph/issues/2990

Merge request reports

Loading