I have a gitlab-runner, on Centos 7, running as a gitlab-runner user. All is looking fine up to the moment when we use my own CA, SubCA, and serer certificates. We use docker executor using Gradle images for Java builds.
I couldn’t make git fetch work with my own CA/SubCA so I had to make it insecure:
environment = [‘GIT_SSL_NO_VERIFY=true’]
tls_verify = false
I was adding my CA,SubCA certificates to many placaes found in docs, (in /etc/, in users home, etc.) pointed the by the tls-ca-file to the right file and so on.
So it ended up git fetch being insecure. Now we wanted to push the tagged atefact to repo so we can have them ready to download/deploy.
Unfortunately the result we see is:
ERROR: Uploading artifacts to coordinator…. error error=couldn’t execute POST against https://my_gitlab_hostname/… certificate signed by unknown authority id=5678 token=…
I think I do missed something or this is a serious oversight. Or I missed some importlant documentation.