Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow access to Self-Signed Git Repository #642

Closed
jifox opened this issue Jul 2, 2021 · 5 comments
Closed

Allow access to Self-Signed Git Repository #642

jifox opened this issue Jul 2, 2021 · 5 comments
Assignees
Labels
type: documentation Improvements or additions to documentation type: feature Introduction of substantial new functionality to the application
Milestone

Comments

@jifox
Copy link
Contributor

jifox commented Jul 2, 2021

User Story

As Austin the Network Automation Engineer, I want to store data in an on premise Git Repository that have self signed Certificates.

I want to store "config contexts" there.

Because it is not possible ether to ignore the certificate validation or add the CA certificate, I'm not able to use that internal Git repository.

As P.D. the Plugin Developer, I want to store "export templates" and "jobs" in a Git repository with a self-signed certificate too.

Actually trying to Clone or Sync the repository leads to following error:

Error while refreshing net-automation/nautobot-data/nautobot-configitems: Cmd('git') failed due to: exit code(128) cmdline: git clone -v https://..... /opt/nautobot/git/... stderr: 'Cloning into '/opt/nautobot/git/...'... fatal: unable to access 'https://.../': server certificate verification failed. CAfile: none CRLfile: none '

Database Changes (Optional)

Tbd (Flag ignore certificate validation or Trusted Certificate Storage)

External Dependencies (Optional)

@glennmatthews glennmatthews added status: under review type: feature Introduction of substantial new functionality to the application labels Jul 2, 2021
@glennmatthews
Copy link
Contributor

Thanks for the feature request! This seems like a very reasonable additional config option to add either as a per-repository toggle or as a system-wide setting in nautobot_config.py.

@jifox
Copy link
Contributor Author

jifox commented Jul 2, 2021

@glennmatthews

After digging deeper I found out, that setting the environemt variable below will solve that problem. I was able to successfully checkout the local git repository.

GIT_SSL_NO_VERIFY="1"

I suggest to add this setting to development/dev.env as a commented out parameter

# Allow self signed git repositories for config contexts, export templates, ...
# GIT_SSL_NO_VERIFY="1"

@jedelman8 jedelman8 added status: accepted type: documentation Improvements or additions to documentation and removed status: under review labels Jul 16, 2021
@jedelman8 jedelman8 added this to the v1.2.0 milestone Jul 26, 2021
@smk4664
Copy link
Contributor

smk4664 commented Aug 9, 2021

I will take this, I see we are targeting this for 1.2.0, so I will put in a PR for next.

@glennmatthews
Copy link
Contributor

Great - thank you!

@glennmatthews
Copy link
Contributor

Resolved in next by #801.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 29, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
type: documentation Improvements or additions to documentation type: feature Introduction of substantial new functionality to the application
Projects
None yet
Development

No branches or pull requests

4 participants