Allow users to disable SSL verification if not connecting to github.com

1 files changed, 15 insertions, 4 deletions

diff --git a/lib/github/client.rb b/lib/github/client.rb
index 7d77f1a91bc..9c476df7d46 100644
--- a/lib/github/client.rb
+++ b/lib/github/client.rb
@@ -10,6 +10,7 @@ module Github
         faraday.options.timeout = options.fetch(:timeout, TIMEOUT)
         faraday.authorization 'token', options.fetch(:token)
         faraday.adapter :net_http
+        faraday.ssl.verify = verify_ssl
       end
 
       @rate_limit = RateLimit.new(connection)
@@ -29,14 +30,24 @@ module Github
     end
 
     def custom_endpoint
-      Gitlab.config.omniauth.providers
-                            .find { |provider| provider.name == 'github' }
-                            .to_h
-                            .dig('args', 'client_options', 'site')
+      github_omniauth_provider.dig('args', 'client_options', 'site')
+    end
+
+    def verify_ssl
+      # If there is no config, we're connecting to github.com
+      # and we should verify ssl.
+      github_omniauth_provider.fetch('verify_ssl', true)
     end
 
     def github_endpoint
       OmniAuth::Strategies::GitHub.default_options[:client_options][:site]
     end
+
+    def github_omniauth_provider
+      @github_omniauth_provider ||=
+        Gitlab.config.omniauth.providers
+              .find { |provider| provider.name == 'github' }
+              .to_h
+    end
   end
 end