Commit 6ac2542b authored by Changzheng Liu's avatar Changzheng Liu Committed by Heinrich Lee Yu

Set the default SSL cert path when invoking indexer

parent 1cf0dcb2
---
title: Set the default SSL cert path environment variables when invoking indexer
merge_request: 26036
author:
type: fixed
...@@ -83,10 +83,12 @@ module Gitlab ...@@ -83,10 +83,12 @@ module Gitlab
'ELASTIC_CONNECTION_INFO' => elasticsearch_config(target), 'ELASTIC_CONNECTION_INFO' => elasticsearch_config(target),
'GITALY_CONNECTION_INFO' => gitaly_connection_info, 'GITALY_CONNECTION_INFO' => gitaly_connection_info,
'FROM_SHA' => from_sha, 'FROM_SHA' => from_sha,
'TO_SHA' => to_sha 'TO_SHA' => to_sha,
'SSL_CERT_FILE' => OpenSSL::X509::DEFAULT_CERT_FILE,
'SSL_CERT_DIR' => OpenSSL::X509::DEFAULT_CERT_DIR
} }
# SSL certificates related env will be sent to child process if configured # Users can override default SSL certificate path via these envs
%w(SSL_CERT_FILE SSL_CERT_DIR).each_with_object(vars) do |key, hash| %w(SSL_CERT_FILE SSL_CERT_DIR).each_with_object(vars) do |key, hash|
hash[key] = ENV[key] if ENV.key?(key) hash[key] = ENV[key] if ENV.key?(key)
end end
......
...@@ -269,11 +269,14 @@ describe Gitlab::Elastic::Indexer do ...@@ -269,11 +269,14 @@ describe Gitlab::Elastic::Indexer do
end end
end end
context 'when SSL env vars are not set' do context 'when SSL env vars are not set explicitly' do
let(:ruby_cert_file) { OpenSSL::X509::DEFAULT_CERT_FILE }
let(:ruby_cert_dir) { OpenSSL::X509::DEFAULT_CERT_DIR }
subject { envvars } subject { envvars }
it 'they will not be passed down to child process' do it 'they will be set to default values determined by Ruby' do
is_expected.not_to include('SSL_CERT_FILE', 'SSL_CERT_DIR') is_expected.to include('SSL_CERT_FILE' => ruby_cert_file, 'SSL_CERT_DIR' => ruby_cert_dir)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment