fix: pass 'certPool' to Gitea client on creation #1084

Merged
stefanprodan merged 1 commit into fluxcd:main from sdreger:bugfix/1083/gitea-tls-error
Mar 24, 2025

@sdreger sdreger commented Mar 23, 2025

It is required when a custom CA is passed; otherwise the gitea.NewClient() call will fail with the 'tls: failed to verify certificate: x509: certificate signed by unknown authority' error. The current version of the Gitea SDK performs a call to the '/api/v1/version' endpoint during new client creation, so the 'certPool' must be passed when creating the client.

Resolves: #1083

It is required when a custom CA is passed, otherwise the
gitea.NewClient() call will fail with the 'tls: failed to verify
certificate: x509: certificate signed by unknown authority' error.
Because the current version of Gitea SDK performs a call to the
'/api/v1/version' endpoint during a new client creation, so the
'certPool' must be passed when creating the client.

Resolves: fluxcd#1083
Signed-off-by: Sergey Dreger <sergey.dreger@gmail.com>
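
The failure described in this PR, reproduced with only the Go standard library as an added example (not code from the PR or from the Gitea SDK). `newProbingClient` is a hypothetical constructor that, like the SDK behaviour described above, requests `/api/v1/version` during creation; the server is a constructed `httptest` TLS server whose certificate is not in the system trust store.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newProbingClient is a hypothetical stand-in for an SDK constructor that calls
// /api/v1/version while the client is being created. A nil pool means "system roots".
func newProbingClient(baseURL string, pool *x509.CertPool) (*http.Client, error) {
	tr := &http.Transport{TLSClientConfig: &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}}
	c := &http.Client{Transport: tr}
	resp, err := c.Get(baseURL + "/api/v1/version")
	if err != nil {
		return nil, fmt.Errorf("creating client: %w", err)
	}
	resp.Body.Close()
	return c, nil
}

// startPrivateCAServer starts a local TLS server (constructed test data) and
// returns it with a pool that trusts only that server's certificate.
func startPrivateCAServer() (*httptest.Server, *x509.CertPool) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, `{"version":"constructed"}`)
	}))
	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate())
	return srv, pool
}

// isUnknownAuthority reports whether err wraps the x509 "unknown authority" failure.
func isUnknownAuthority(err error) bool {
	var ua x509.UnknownAuthorityError
	return errors.As(err, &ua)
}

func main() {
	srv, pool := startPrivateCAServer()
	defer srv.Close()
	_, err := newProbingClient(srv.URL, nil) // pool not supplied at creation
	fmt.Println("without pool:", err, "| unknown authority:", isUnknownAuthority(err))
	_, err = newProbingClient(srv.URL, pool) // pool supplied at creation
	fmt.Println("with pool:", err)
}
```

Because the probe runs inside the constructor, a pool attached to the transport after the constructor returns is too late: the constructor has already failed.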

@stefanprodan stefanprodan left a comment

LGTM

Thanks @sdreger 🏅

PS. I realised that we're missing the proxy setting for Gitea. The NewGitea function should have a proxy string arg, and when we create the transport we should be setting the proxy if one is specified, like we do for all the providers, for example here. @sdreger if you have time, please contribute the proxy config in a PR. Thanks again!

@stefanprodan stefanprodan added the area/alerting (Alerting related issues and PRs) and backport:release/v1.5.x (To be backported to release/v1.5.x) labels Mar 24, 2025
@stefanprodan stefanprodan merged commit f313afa into fluxcd:main Mar 24, 2025
7 checks passed
@fluxcdbot

Backport failed for release/v1.5.x, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

```shell
git fetch origin release/v1.5.x
git worktree add -d .worktree/backport-1084-to-release/v1.5.x origin/release/v1.5.x
cd .worktree/backport-1084-to-release/v1.5.x
git switch --create backport-1084-to-release/v1.5.x
git cherry-pick -x 30d8d01687ef2e5a7c9f71f6c4641260b7eb5317
```


Successfully merging this pull request may close these issues.

Failed creating Gitea client with custom CA: x509 certificate signed by unknown authority