Adding support for TLS client certificates
We use client certs to authenticate to our gitlab server. This patch allows ci to work by adding support for TLS client certificates to the gitlab-ci-multi-runner program. I have only tested the register command now.
This patch adds the —tis-client-cert and —tls-client-key flags to the register command to specify their tls client certificates.
Merge request reports
Activity
@she The
git cloneuses https.@she Any thoughts?
@she This is how we pass the TLS certificate chain to build container (we need that for self-signed certificates): https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/blob/master/shells/abstract.go#L151
48 48 URL string `toml:"url" json:"url" short:"u" long:"url" env:"CI_SERVER_URL" required:"true" description:"Runner URL"` 49 49 Token string `toml:"token" json:"token" short:"t" long:"token" env:"CI_SERVER_TOKEN" required:"true" description:"Runner token"` 50 50 TLSCAFile string `toml:"tls-ca-file,omitempty" json:"tls-ca-file" long:"tls-ca-file" env:"CI_SERVER_TLS_CA_FILE" description:"File containing the certificates to verify the peer when using HTTPS"` 51 ClientCert string `toml:"tls-client-cert,omitempty" json:"tls-client-cert" long:"tls-client-cert" env:"CI_CLIENT_TLS_CERT" description:"File containing the TLS client cert to auth to server"` TLSClientCertFile?Edited by Kamil Trzcińśki
@she Can you enable builds on your fork? I want to see the running tests.
mentioned in issue #1291 (closed)
mentioned in merge request !157 (merged)
Mentioned in merge request !340 (closed)
Closing in favor of !157 (merged)
