From 5d8d00fb7139612cbab9a3c1b0187816302d7d4a Mon Sep 17 00:00:00 2001
From: Ash McKenzie <amckenzie@gitlab.com>
Date: Wed, 1 Jul 2020 19:55:22 +1000
Subject: Support new ssl_cert_dir config setting

---
 config.yml.example             | 4 ++++
 internal/config/config.go      | 1 +
 internal/config/config_test.go | 9 +++++++++
 3 files changed, 14 insertions(+)

diff --git a/config.yml.example b/config.yml.example
index c2c1027..60435a3 100644
--- a/config.yml.example
+++ b/config.yml.example
@@ -27,6 +27,10 @@ http_settings:
 # File used as authorized_keys for gitlab user
 auth_file: "/home/git/.ssh/authorized_keys"
 
+# SSL certificate dir where custom certificates can be placed
+# https://golang.org/pkg/crypto/x509/
+# ssl_cert_dir: /opt/gitlab/embedded/ssl/certs/
+
 # File that contains the secret key for verifying access to GitLab.
 # Default is .gitlab_shell_secret in the gitlab-shell directory.
 # secret_file: "/home/git/gitlab-shell/.gitlab_shell_secret"
diff --git a/internal/config/config.go b/internal/config/config.go
index deed74d..be9efa3 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -34,6 +34,7 @@ type Config struct {
 	GitlabTracing  string             `yaml:"gitlab_tracing"`
 	SecretFilePath string             `yaml:"secret_file"`
 	Secret         string             `yaml:"secret"`
+	SslCertDir     string             `yaml:"ssl_cert_dir"`
 	HttpSettings   HttpSettingsConfig `yaml:"http_settings"`
 	HttpClient     *client.HttpClient
 }
diff --git a/internal/config/config_test.go b/internal/config/config_test.go
index 202db6d..77351f2 100644
--- a/internal/config/config_test.go
+++ b/internal/config/config_test.go
@@ -29,6 +29,7 @@ func TestParseConfig(t *testing.T) {
 		format       string
 		gitlabUrl    string
 		secret       string
+		sslCertDir   string
 		httpSettings HttpSettingsConfig
 	}{
 		{
@@ -79,6 +80,13 @@ func TestParseConfig(t *testing.T) {
 			format: "text",
 			secret: "an inline secret",
 		},
+		{
+			yaml:       "ssl_cert_dir: /tmp/certs",
+			path:       path.Join(testRoot, "gitlab-shell.log"),
+			format:     "text",
+			secret:     "default-secret-content",
+			sslCertDir: "/tmp/certs",
+		},
 		{
 			yaml:         "http_settings:\n  user: user_basic_auth\n  password: password_basic_auth\n  read_timeout: 500",
 			path:         path.Join(testRoot, "gitlab-shell.log"),
@@ -106,6 +114,7 @@ func TestParseConfig(t *testing.T) {
 			assert.Equal(t, tc.format, cfg.LogFormat)
 			assert.Equal(t, tc.gitlabUrl, cfg.GitlabUrl)
 			assert.Equal(t, tc.secret, cfg.Secret)
+			assert.Equal(t, tc.sslCertDir, cfg.SslCertDir)
 			assert.Equal(t, tc.httpSettings, cfg.HttpSettings)
 		})
 	}
-- 
cgit v1.2.1