mirror of
https://github.com/valitydev/salt.git
synced 2024-11-08 09:23:56 +00:00
Merge pull request #8966 from Jorge-Rodriguez/develop
Added ssl verify flag to the gitfs backend.
This commit is contained in:
commit
2b9048a8c6
@ -356,6 +356,13 @@
|
|||||||
# - git://github.com/saltstack/salt-states.git
|
# - git://github.com/saltstack/salt-states.git
|
||||||
# - file:///var/git/saltmaster
|
# - file:///var/git/saltmaster
|
||||||
#
|
#
|
||||||
|
# The gitfs_ssl_verify option specifies whether to ignore ssl certificate
|
||||||
|
# errors when contacting the gitfs backend. You might want to set this to
|
||||||
|
# false if you're using a git backend that uses a self-signed certificate but
|
||||||
|
# keep in mind that setting this flag to anything other than the default of True
|
||||||
|
# is a security concern, you may want to try using the ssh transport.
|
||||||
|
#gitfs_ssl_verify: True
|
||||||
|
#
|
||||||
# The repos will be searched in order to find the file requested by a client
|
# The repos will be searched in order to find the file requested by a client
|
||||||
# and the first repo to have the file will return it.
|
# and the first repo to have the file will return it.
|
||||||
# When using the git backend branches and tags are translated into salt
|
# When using the git backend branches and tags are translated into salt
|
||||||
@ -389,7 +396,7 @@
|
|||||||
# errors when contacting the pillar gitfs backend. You might want to set this to
|
# errors when contacting the pillar gitfs backend. You might want to set this to
|
||||||
# false if you're using a git backend that uses a self-signed certificate but
|
# false if you're using a git backend that uses a self-signed certificate but
|
||||||
# keep in mind that setting this flag to anything other than the default of True
|
# keep in mind that setting this flag to anything other than the default of True
|
||||||
# is a security concern.
|
# is a security concern, you may want to try using the ssh transport.
|
||||||
#pillar_gitfs_ssl_verify: True
|
#pillar_gitfs_ssl_verify: True
|
||||||
|
|
||||||
# The pillar_opts option adds the master configuration file data to a dict in
|
# The pillar_opts option adds the master configuration file data to a dict in
|
||||||
|
@ -131,6 +131,11 @@ def init():
|
|||||||
if not repo.remotes:
|
if not repo.remotes:
|
||||||
try:
|
try:
|
||||||
repo.create_remote('origin', opt)
|
repo.create_remote('origin', opt)
|
||||||
|
# ignore git ssl verification if requested
|
||||||
|
if __opts__.get('gitfs_ssl_verify', True):
|
||||||
|
repo.git.config('http.sslVerify', 'true')
|
||||||
|
else:
|
||||||
|
repo.git.config('http.sslVerify', 'false')
|
||||||
except Exception:
|
except Exception:
|
||||||
# This exception occurs when two processes are trying to write
|
# This exception occurs when two processes are trying to write
|
||||||
# to the git config at once, go ahead and pass over it since
|
# to the git config at once, go ahead and pass over it since
|
||||||
|
@ -115,15 +115,17 @@ def init(branch, repo_location):
|
|||||||
if not repo.remotes:
|
if not repo.remotes:
|
||||||
try:
|
try:
|
||||||
repo.create_remote('origin', repo_location)
|
repo.create_remote('origin', repo_location)
|
||||||
except Exception:
|
|
||||||
pass
|
|
||||||
|
|
||||||
# ignore git ssl verification if requested
|
# ignore git ssl verification if requested
|
||||||
if __opts__.get('pillar_gitfs_ssl_verify', True):
|
if __opts__.get('pillar_gitfs_ssl_verify', True):
|
||||||
repo.git.config('http.sslVerify', 'true')
|
repo.git.config('http.sslVerify', 'true')
|
||||||
else:
|
else:
|
||||||
repo.git.config('http.sslVerify', 'false')
|
repo.git.config('http.sslVerify', 'false')
|
||||||
|
except Exception:
|
||||||
|
# This exception occurs when two processes are trying to write
|
||||||
|
# to the git config at once, go ahead and pass over it since
|
||||||
|
# this is the only write
|
||||||
|
# This should place a lock down
|
||||||
|
pass
|
||||||
repo.git.fetch()
|
repo.git.fetch()
|
||||||
return repo
|
return repo
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user