diff options
author | Pawel Chojnacki <pawel@chojnacki.ws> | 2018-02-23 20:14:27 +0100 |
---|---|---|
committer | Pawel Chojnacki <pawel@chojnacki.ws> | 2018-02-23 20:14:27 +0100 |
commit | 878ba21a95daf14ad92b386493a33961a32e967e (patch) | |
tree | 0dc873a41f67d5c3f5008df2eccedb61576c2458 | |
parent | e966c6aea25c78b7fd5ed65e7906b2317e15ac85 (diff) | |
download | gitlab-ce-disable_k8s_certificate_validation_in_development_mode.tar.gz |
Disable k8s certificate validation for develoment environmentdisable_k8s_certificate_validation_in_development_mode
-rw-r--r-- | app/models/clusters/platforms/kubernetes.rb | 6 | ||||
-rw-r--r-- | app/models/project_services/kubernetes_service.rb | 6 | ||||
-rw-r--r-- | app/services/ci/fetch_kubernetes_token_service.rb | 6 |
3 files changed, 15 insertions, 3 deletions
diff --git a/app/models/clusters/platforms/kubernetes.rb b/app/models/clusters/platforms/kubernetes.rb index 7ce8befeeeb..c3372e8206f 100644 --- a/app/models/clusters/platforms/kubernetes.rb +++ b/app/models/clusters/platforms/kubernetes.rb @@ -141,7 +141,11 @@ module Clusters end def kubeclient_ssl_options - opts = { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + opts = if Rails.env.development? + { verify_ssl: OpenSSL::SSL::VERIFY_NONE } + else + { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + end if ca_pem.present? opts[:cert_store] = OpenSSL::X509::Store.new diff --git a/app/models/project_services/kubernetes_service.rb b/app/models/project_services/kubernetes_service.rb index ad4ad7903ad..c87f0f7fd71 100644 --- a/app/models/project_services/kubernetes_service.rb +++ b/app/models/project_services/kubernetes_service.rb @@ -204,7 +204,11 @@ class KubernetesService < DeploymentService end def kubeclient_ssl_options - opts = { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + opts = if Rails.env.development? + { verify_ssl: OpenSSL::SSL::VERIFY_NONE } + else + { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + end if ca_pem.present? opts[:cert_store] = OpenSSL::X509::Store.new diff --git a/app/services/ci/fetch_kubernetes_token_service.rb b/app/services/ci/fetch_kubernetes_token_service.rb index e73c6ad6780..aa0b8f0bba3 100644 --- a/app/services/ci/fetch_kubernetes_token_service.rb +++ b/app/services/ci/fetch_kubernetes_token_service.rb @@ -60,7 +60,11 @@ module Ci end def kubeclient_ssl_options - opts = { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + opts = if Rails.env.development? + { verify_ssl: OpenSSL::SSL::VERIFY_NONE } + else + { verify_ssl: OpenSSL::SSL::VERIFY_PEER } + end if ca_pem.present? opts[:cert_store] = OpenSSL::X509::Store.new |