option to disable tls verification?

cooperspencer / gickup

https://cooperspencer.github.io/gickup-documentation/

Apache License 2.0

940 stars 33 forks source link

option to disable tls verification? #208

Open miconx opened 4 months ago

miconx commented 4 months ago

i try to sync from gitlab to gitlab and get the following error: ERR POST https://gitlab.itest.lan/api/v4/projects: 422 {message: HTTP open_ssl/ssl/ssl_error error: SSL_connect returned=1 errno=0 peeraddr=1.2.3.4:443 state=error: certificate verify failed (self signed certificate in certificate chain)}

but from the host i am using the certificate CA ist correctly integrated - a test with openssl s_client -connect ... works fine how can i disable the tls verification?

cooperspencer commented 4 months ago

That doesn't work yet. I'll have to hand over a custom http client which has TLS disabled. Tomorrow I'll have a look at it.

cooperspencer commented 4 months ago

I implemented an option to disable TLS for Gitlab. Just add TLS: false to your Gitlab source and/or destination.

You can either rebuild gickup from the skip_tls branch or download the build artifacts from this pipeline: https://github.com/cooperspencer/gickup/actions/runs/8000594584

Please let me know if it works for you.

miconx commented 4 months ago

i did a rebuild of your skip tls branch but it did not work here is my config file:

source: gitlab:

token: 345345345435 url: https://git.test.local tls: false

destination: gitlab:

token: 1212312312 user: username url: https://gitlab.test.xxx createorg: true wiki: true # includes wiki too issues: true # back up issues, works only locally starred: true # includes the user's starred repositories too tls: false visibility: repositories: private # private, public, default: private organizations: private # private, limited, public, default: private

cooperspencer commented 4 months ago

did you get the same error message?

cooperspencer commented 4 months ago

Also could you do me a favor and try if the import of a project works directly in Gitlab? Import a project from git.test.local on gitlab.test.xxx

miconx commented 4 months ago

import of an exported repository did work seamlessly

this is the error message:

2024-02-22T13:56:44+01:00 INF mirroring repo01 to https://gitlab.test.xxx stage=gitlab url=https://gitlab.test.xxx

2024-02-22T13:56:44+01:00 ERR POST https://gitlab.test.xxx/api/v4/projects: 422 {message: HTTP open_ssl/ssl/ssl_error error: SSL_connect returned=1 errno=0 peeraddr=10.100.1.1:443 state=error: certificate verify failed (self signed certificate in certificate chain)} stage=gitlab url=https://gitlab.test.xxx

cooperspencer commented 4 months ago

I will set up a gitlab instance with a self-signed certificate and try to replicate this issue

cooperspencer commented 4 months ago

Also another thing that I just remembered. Do your instances have an enterprise license? Because the feature to create mirrors that pull are only available in ee.

miconx commented 4 months ago

nope add the moment there is no ee licence installed